Sandro91 | 22.03.2015 19:19 |
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Melori Bigvava (administrator) on MELORI-PC on 22-03-2015 14:10:23
Running from C:\Users\Melori Bigvava\Desktop
Loaded Profiles: UpdatusUser & Melori Bigvava & Administrator (Available profiles: UpdatusUser & Sandrtropez & Melori Bigvava & Administrator & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\LauncherService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(FOMINE SOFTWARE) C:\Program Files (x86)\Fomine Net Send GUI\NetSendGUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ITSecTeam) C:\Program Files (x86)\Havij\Havij.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Proxy Switcher) C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe
(FOMINE SOFTWARE) C:\Program Files (x86)\Fomine Net Send GUI\NetSendGUI.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
() C:\Users\Melori Bigvava\Java\uMlCkZN.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Melori Bigvava\AppData\Local\Temp\winomflkn.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\Melori Bigvava\Desktop\FRST64 (2).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6561384 2010-12-14] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1715320 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [513168 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [326528 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [NAT Service] => C:\Program Files (x86)\NAT Service\natsv.exe
HKLM-x32\...\Run: [Windows*Updates] => c:\windows\system\Update.exe
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2011-08-22] (VMware, Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [634368 2011-10-10] (Dell)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Users\Melori Bigvava\Documents\Windupdt\winupdate.exe,C:\Users\Melori Bigvava\Documents\Windupdt\winupdate.exe,C:\Users\Melori Bigvava\Documents\Windupdt\winupdate.exe,C:\Users\Melori Bigvava\Documents\Windupdt\winupdate.exe,C:\Users\Melori Bigvava\Documents\Windupdt\winupdate.exe,C:\Users\Melori Bigvava\Documents\Windupdt\winupdate.exe,C:\Users\Melori Bigvava\Documents\Windupdt\winupdate.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\oFJL1bJ3RE1Z\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\FBlzdMBZTrLo\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\DPRCZcXYStwj\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\bQcdSnAk1kQg\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\uTS7Z7PNPiAD\msdcsc.exe,C:\ProgramData\Microsoft\Windows\Start Menu\MSDCSC\mspatcher.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\uTS7Z7PNPiAD\uTS7Z7PNPiAD\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\uTS7Z7PNPiAD\uTS7Z7PNPiAD\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\uTS7Z7PNPiAD\uTS7Z7PNPiAD\msdcsc.exe,C:\Users\Melori Bigvava\Desktop\MSDCSC\uTS7Z7PNPiAD\uTS7Z7PNPiAD\msdcsc.exe,C:\Users\Administrator.Melori-PC\Desktop\MSDCSC\msdcsc.exe,C:\Users\Administrator.Melori-PC\Desktop\MSDCSC\FBlzdMBZTrLo\msdcsc.exe,C:\Users\Administrator.Melori-PC\Desktop\MSDCSC\oFJL1bJ3RE1Z\msdcsc.exe,C:\Users\Administrator.Melori-PC\Desktop\MSDCSC\msdcsc.exe,C:\Users\Administrator.Melori-PC\Desktop\MSDCSC\msdcsc.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [Policies] => c:\Windows\dir\install\install\Bifrost.exe No File
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Run: [Windows*Updates] => c:\windows\system\Update.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Run: [name] => C:\Users\UpdatusUser\Desktop\MSDCSC\FBlzdMBZTrLo\msdcsc.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Run: [hacked] => C:\Users\UpdatusUser\Desktop\MSDCSC\uTS7Z7PNPiAD\msdcsc.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Run: [msupdater] => C:\Users\UpdatusUser\AppData\Roaming\Aegis Crypter.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Run: [svchost] => C:\ProgramData\Microsoft\Windows\Start Menu\MSDCSC\mspatcher.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\RunOnce: [Java] => C:\Users\Melori Bigvava\Java\uMlCkZN.exe [1782125 2014-07-07] ()
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Policies\Explorer\Run: [Policies] => c:\Windows\dir\install\install\Bifrost.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\...\Winlogon: [Shell] "C:\Users\Melori Bigvava\AppData\Roaming\4ihhV7t7XB2SXiK6\4VgqZQhKCTM6.exe",explorer.exe <==== ATTENTION
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [Windows*Updates] => c:\windows\system\Update.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [name] => C:\Users\Melori Bigvava\Desktop\MSDCSC\oFJL1bJ3RE1Z\msdcsc.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [hacked] => C:\Users\Melori Bigvava\Desktop\MSDCSC\uTS7Z7PNPiAD\msdcsc.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [msupdater] => C:\Users\Melori Bigvava\AppData\Roaming\Aegis Crypter.exe [2708992 2014-03-12] ()
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [svchost] => C:\ProgramData\Microsoft\Windows\Start Menu\MSDCSC\mspatcher.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [uTorrent] => C:\Users\Melori Bigvava\AppData\Roaming\uTorrent\uTorrent.exe [1819728 2015-03-06] (BitTorrent Inc.)
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [EpicScale] => [X]
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Run: [PSwitch] => C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe [6008376 2015-03-03] (Proxy Switcher)
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\RunOnce: [Java] => C:\Users\Melori Bigvava\Java\uMlCkZN.exe [1782125 2014-07-07] ()
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Policies\Explorer\Run: [Policies] => c:\Windows\dir\install\install\Bifrost.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\...\Winlogon: [Shell] "C:\Users\Melori Bigvava\AppData\Roaming\4ihhV7t7XB2SXiK6\pQtTSVV2ZPd4.exe",explorer.exe <==== ATTENTION
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-687521651-2007251113-3307527875-500\...\Run: [name] => C:\Users\Administrator.Melori-PC\Desktop\MSDCSC\oFJL1bJ3RE1Z\msdcsc.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-500\...\Run: [hacked] => C:\Users\Administrator.Melori-PC\Desktop\MSDCSC\msdcsc.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-500\...\Run: [svchost] => C:\ProgramData\Microsoft\Windows\Start Menu\MSDCSC\mspatcher.exe
HKU\S-1-5-21-687521651-2007251113-3307527875-500\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-500\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-687521651-2007251113-3307527875-500\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-687521651-2007251113-3307527875-500\...\Winlogon: [Shell] "C:\Users\Administrator.Melori-PC\AppData\Roaming\4ihhV7t7XB2SXiK6\WuG01ZGoKsgA.exe",explorer.exe <==== ATTENTION
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Net Send GUI.lnk
ShortcutTarget: Net Send GUI.lnk -> C:\Program Files (x86)\Fomine Net Send GUI\NetSendGUI.exe (FOMINE SOFTWARE)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Sandrtropez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
AlternateShell:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:61809;https=127.0.0.1:61809
ProxyServer: [S-1-5-21-687521651-2007251113-3307527875-1000] => http=127.0.0.1:8887;https=127.0.0.1:8887
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.thesearchpage.info/?pid=377&r=2015/01/12&hid=6270598502493519231&lg=EN&cc=DE&unqvl=74
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-687521651-2007251113-3307527875-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-687521651-2007251113-3307527875-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.thesearchpage.info/?pid=377&r=2015/01/12&hid=6270598502493519231&lg=EN&cc=DE&unqvl=74
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {A47EB21E-D6A2-4BB2-A479-993030722E1D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=377&r=2015/01/12&hid=6270598502493519231&lg=EN&cc=DE&unqvl=74
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=377&r=2015/01/12&hid=6270598502493519231&lg=EN&cc=DE&unqvl=74
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-687521651-2007251113-3307527875-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-14&gen=chipde&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-687521651-2007251113-3307527875-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=377&r=2015/01/12&hid=6270598502493519231&lg=EN&cc=DE&unqvl=74
SearchScopes: HKU\S-1-5-21-687521651-2007251113-3307527875-1006 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-14&gen=chipde&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll [2012-12-11] (AVM Berlin)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-08] (Sun Microsystems, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-12-18] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-18] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-29] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: SecureWebBHO Class -> {D3C24E2B-C820-4492-9B69-11BF7163F998} -> C:\Program Files (x86)\Jelbrus Secure Web\jsie.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-18] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-687521651-2007251113-3307527875-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-687521651-2007251113-3307527875-1006 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Melori Bigvava\AppData\Roaming\Mozilla\Firefox\Profiles\dqpy0xp3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-06-08] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-21] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-687521651-2007251113-3307527875-1006: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Melori Bigvava\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-04-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-04-21] (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\GoSearch.xml [2015-03-21]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: Firefox Helper - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\c9690aab4ced8e2f71c1680b52db4baf [2015-03-06]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-12-21]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (prIcechop) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\afolcmoddmlponapfoeaehhbcddhpjgp [2014-08-13]
CHR Extension: (Google Docs) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-21]
CHR Extension: (Google Drive) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-26]
CHR Extension: (YouTube) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-26]
CHR Extension: (Google Search) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-26]
CHR Extension: (NeexTCOuap) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnmmcjhmajiimjocjhpdallakimogkpn [2014-08-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]
CHR Extension: (Gmail) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-26]
CHR Profile: C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (prIcechop) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\afolcmoddmlponapfoeaehhbcddhpjgp [2014-08-13]
CHR Extension: (Google Docs) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-02]
CHR Extension: (Google Drive) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-02]
CHR Extension: (Google Search) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-02]
CHR Extension: (NeexTCOuap) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dnmmcjhmajiimjocjhpdallakimogkpn [2014-08-15]
CHR Extension: (Chrome to Mobile) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-08-13]
CHR Extension: (NNExtCCoup) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lgllgojlnobfgkohndkdpmgdjlkehkfi [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-02]
CHR Extension: (Gmail) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-02]
CHR Profile: C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (prIcechop) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\afolcmoddmlponapfoeaehhbcddhpjgp [2014-08-13]
CHR Extension: (Google Docs) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-02]
CHR Extension: (Google Drive) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-02]
CHR Extension: (Google Search) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-02]
CHR Extension: (NeexTCOuap) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dnmmcjhmajiimjocjhpdallakimogkpn [2014-08-15]
CHR Extension: (Chrome to Mobile) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-08-13]
CHR Extension: (NNExtCCoup) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lgllgojlnobfgkohndkdpmgdjlkehkfi [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-02]
CHR Extension: (Gmail) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-02]
CHR Profile: C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Docs) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-23]
CHR Extension: (Google Drive) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-23]
CHR Extension: (Google Search) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-23]
CHR Extension: (Google Wallet) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-23]
CHR Extension: (Astromenda New Tab) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-08-23]
CHR Extension: (Gmail) - C:\Users\Melori Bigvava\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-23]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-687521651-2007251113-3307527875-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2010-12-14] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-12-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [974912 2010-12-14] (Intel Corporation) [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1609820 2005-11-17] (MAGIX®) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 HideIPLaucherService; C:\Program Files (x86)\Hide ALL IP\LauncherService.exe [489328 2014-01-24] (www.hideallip.com)
S2 Live Malware Protection; C:\Windows\mlwps.exe [239104 2015-03-06] (AV Security Software) [File not signed] <==== ATTENTION
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S4 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-10-27] (The OpenVPN Project)
R2 PrivoxyService; C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe [371200 2015-03-06] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SCEFSMounter; C:\Program Files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe [79872 2012-06-20] (Sony Computer Entertainment Inc.) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-08-22] (VMware, Inc.) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11837440 2011-08-22] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 LavasoftAdAwareService11; "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-08-21] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2014-08-21] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-08-21] (BitDefender)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2014-07-10] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2014-07-10] (BitDefender LLC)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-13] (BlueStack Systems)
S3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [615728 2012-03-28] (Kaspersky Lab)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
R1 pfs_dokan; C:\Windows\System32\DRIVERS\pfs_dokan.sys [56496 2012-06-20] (Sony Computer Entertainment Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx64.sys [34512 2014-11-09] ()
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-22 14:10 - 2015-03-22 14:12 - 00043095 _____ () C:\Users\Melori Bigvava\Desktop\FRST.txt
2015-03-22 14:09 - 2015-03-22 14:07 - 02095616 _____ (Farbar) C:\Users\Melori Bigvava\Desktop\FRST64 (2).exe
2015-03-22 14:07 - 2015-03-22 14:07 - 02095616 _____ (Farbar) C:\Users\Melori Bigvava\Downloads\FRST64 (2).exe
2015-03-22 13:46 - 2015-03-22 13:46 - 05054838 _____ () C:\Users\Administrator.Melori-PC\Downloads\httpd-2.4.12.tar.bz2
2015-03-22 13:46 - 2015-03-22 13:46 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\WinRAR
2015-03-22 13:27 - 2015-03-22 13:27 - 00000011 _____ () C:\Users\Administrator.Melori-PC\Desktop\.bat
2015-03-22 13:27 - 2015-03-22 13:27 - 00000000 _____ () C:\Users\Administrator.Melori-PC\Desktop\Neues Textdokument.txt
2015-03-22 13:19 - 2015-03-22 13:19 - 00000000 __SHD () C:\Users\Administrator.Melori-PC\AppData\Local\EmieSiteList
2015-03-21 12:51 - 2015-03-21 12:51 - 02095616 _____ (Farbar) C:\Users\Melori Bigvava\Downloads\FRST64 (1).exe
2015-03-13 18:10 - 2015-03-13 18:11 - 13872721 _____ () C:\Users\Melori Bigvava\Downloads\4.70.Version.Spoofer.Habib.4.66.Cobra.By.HiJaM.GunZ.HoSteR.v1.rar
2015-03-13 18:04 - 2015-03-13 18:04 - 05103333 _____ () C:\Users\Melori Bigvava\Downloads\SEN Enabler v5.8.0 [CEX-DEX] [4.70].rar
2015-03-13 18:04 - 2015-03-13 18:04 - 05103333 _____ () C:\Users\Melori Bigvava\Downloads\SEN Enabler v5.8.0 [CEX-DEX] [4.70] (1).rar
2015-03-11 19:47 - 2015-03-11 19:47 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Local\Apple
2015-03-10 17:27 - 2015-03-10 17:27 - 00000196 _____ () C:\Users\Melori Bigvava\Downloads\97b85b96-bcb3-418c-81b3-6a23a5c0d6a0.htm
2015-03-10 17:25 - 2015-03-10 17:25 - 00187087 _____ () C:\Users\Melori Bigvava\Downloads\HABIB ToolBox.rar
2015-03-10 17:24 - 2015-03-10 17:25 - 13655369 _____ () C:\Users\Melori Bigvava\Downloads\PSNPatch.rar
2015-03-10 16:59 - 2015-03-10 17:01 - 37226351 _____ () C:\Users\Melori Bigvava\Downloads\Spoof_4.70_Enabler-Disabler_v1.15_by_arch.pkg.973.v1.15_brewology_com.pkg
2015-03-10 16:37 - 2015-03-10 16:37 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\NetMon
2015-03-10 16:37 - 2015-03-10 16:37 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetMon
2015-03-10 16:35 - 2015-03-21 12:37 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2015-03-10 16:33 - 2015-03-10 16:33 - 00103140 _____ () C:\lrften.exe
2015-03-10 16:31 - 2015-03-10 16:31 - 06208736 _____ (Tim Kosse) C:\Users\Melori Bigvava\Downloads\FileZilla_3.10.2_win32-setup.exe
2015-03-06 21:55 - 2011-08-22 17:07 - 00062064 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2015-03-06 21:53 - 2011-08-22 17:07 - 00354416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2015-03-06 21:53 - 2011-08-22 17:06 - 00432752 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2015-03-06 21:53 - 2011-08-22 17:06 - 00030320 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2015-03-06 21:52 - 2011-08-22 17:07 - 00942192 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2015-03-06 21:49 - 2011-08-21 23:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2015-03-06 21:46 - 2015-03-06 21:46 - 00002137 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk
2015-03-06 21:46 - 2015-03-06 21:46 - 00001024 _____ () C:\.rnd
2015-03-06 21:46 - 2015-03-06 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-03-06 21:44 - 2015-03-22 13:16 - 00000000 ____D () C:\ProgramData\VMware
2015-03-06 21:44 - 2015-03-06 21:44 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2015-03-06 21:44 - 2015-03-06 21:44 - 00000000 ____D () C:\Program Files (x86)\VMware
2015-03-06 21:43 - 2015-03-06 22:00 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\preseed
2015-03-06 21:43 - 2015-03-06 22:00 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\isolinux
2015-03-06 21:40 - 2015-03-06 21:40 - 00000000 ____D () C:\Program Files\Common Files\VMware
2015-03-06 21:36 - 2015-03-06 21:36 - 00003078 _____ () C:\Windows\System32\Tasks\{1384B26F-621A-4A1A-BE53-1215852B8C18}
2015-03-06 21:32 - 2015-03-06 22:00 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\casper
2015-03-06 21:32 - 2015-03-06 21:46 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\.disk
2015-03-06 21:32 - 2012-08-09 23:09 - 00001284 _____ () C:\Users\Melori Bigvava\Desktop\md5sum.txt
2015-03-06 21:32 - 2011-03-05 21:44 - 00000000 _____ () C:\Users\Melori Bigvava\Desktop\ubuntu
2015-03-06 21:32 - 2011-03-05 21:41 - 00000200 _____ () C:\Users\Melori Bigvava\Desktop\README.diskdefines
2015-03-06 21:31 - 2015-03-06 21:32 - 00000000 ____D () C:\Users\Melori Bigvava\Downloads\BT5R3-GNOME-64
2015-03-06 21:23 - 2015-03-06 21:23 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\Macromedia
2015-03-06 21:23 - 2015-03-06 21:23 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Local\Macromedia
2015-03-06 21:22 - 2015-03-06 21:23 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\Mozilla
2015-03-06 21:22 - 2015-03-06 21:23 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Local\Mozilla
2015-03-06 21:19 - 2015-03-06 21:19 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-06 21:17 - 2015-03-06 21:18 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Administrator.Melori-PC\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-06 21:00 - 2015-03-10 16:29 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\E5EB7324-8E28-4749-8BC8-0945026920B2
2015-03-06 20:59 - 2015-03-11 19:33 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\4ihhV7t7XB2SXiK6
2015-03-06 20:59 - 2015-03-06 21:17 - 00002249 _____ () C:\Users\Administrator.Melori-PC\Desktop\Google Chrome.lnk
2015-03-06 20:59 - 2015-03-06 20:59 - 00079752 _____ () C:\Users\Administrator.Melori-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-06 20:59 - 2015-03-06 20:59 - 00001383 _____ () C:\Users\Administrator.Melori-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-06 20:59 - 2015-03-06 20:59 - 00000000 ___RD () C:\Users\Administrator.Melori-PC\Podcasts
2015-03-06 20:59 - 2015-03-06 20:59 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\Canon
2015-03-06 20:59 - 2015-03-06 20:59 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\Adobe
2015-03-06 20:59 - 2015-03-06 20:59 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Local\Google
2015-03-06 20:57 - 2015-03-10 16:29 - 00000000 __SHD () C:\Users\Administrator.Melori-PC\Desktop\MSDCSC
2015-03-06 20:57 - 2015-03-06 20:57 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Roaming\Intel
2015-03-06 20:55 - 2015-03-06 20:59 - 00000000 ____D () C:\Users\Administrator.Melori-PC
2015-03-06 20:55 - 2015-03-06 20:57 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Local\SoftThinks
2015-03-06 20:55 - 2015-03-06 20:55 - 00000020 ___SH () C:\Users\Administrator.Melori-PC\ntuser.ini
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Vorlagen
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Startmenü
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Netzwerkumgebung
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Lokale Einstellungen
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Eigene Dateien
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Druckumgebung
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Documents\Eigene Musik
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Documents\Eigene Bilder
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\AppData\Local\Verlauf
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\AppData\Local\Anwendungsdaten
2015-03-06 20:55 - 2015-03-06 20:55 - 00000000 _SHDL () C:\Users\Administrator.Melori-PC\Anwendungsdaten
2015-03-06 20:55 - 2014-09-11 21:17 - 00000000 ____D () C:\Users\Administrator.Melori-PC\Documents\Visual Studio 2008
2015-03-06 20:55 - 2014-09-11 21:16 - 00000000 ____D () C:\Users\Administrator.Melori-PC\AppData\Local\Microsoft Help
2015-03-06 20:55 - 2014-08-06 08:32 - 00000000 ____D () C:\Users\Administrator.Melori-PC\Documents\Visual Studio 2010
2015-03-06 20:55 - 2014-06-22 13:03 - 00000000 ____D () C:\Users\Administrator.Melori-PC\Documents\Visual Studio 2012
2015-03-06 20:55 - 2011-06-08 15:24 - 00000000 ___RD () C:\Users\Administrator.Melori-PC\Desktop\Spiele spielen
2015-03-06 20:55 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Administrator.Melori-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-06 20:55 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Administrator.Melori-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-06 20:53 - 2015-03-06 20:53 - 00003408 ____N () C:\bootsqm.dat
2015-03-06 20:50 - 2015-03-06 20:50 - 00000000 __SHD () C:\found.002
2015-03-06 20:04 - 2015-03-06 20:04 - 00000065 _____ () C:\Users\Melori Bigvava\Desktop\wichtig.txt
2015-03-06 20:02 - 2015-03-06 20:03 - 01388333 _____ (Thisisu) C:\Users\Melori Bigvava\Downloads\JRT (2).exe
2015-03-06 20:02 - 2015-03-06 20:03 - 00686505 _____ (Thisisu) C:\Users\Melori Bigvava\Downloads\JRT (1).exe
2015-03-06 19:45 - 2015-03-06 19:45 - 01388333 _____ (Thisisu) C:\Users\Melori Bigvava\Downloads\JRT.exe
2015-03-06 19:39 - 2015-03-06 19:50 - 00000000 ____D () C:\Users\Melori Bigvava\Downloads\VMware.Workstation.v8.0.0.471780.Incl.Keymaker-ZWT
2015-03-06 19:22 - 2015-03-06 19:22 - 00028626 _____ () C:\Users\Melori Bigvava\Desktop\proxy.txt
2015-03-06 19:16 - 2015-03-06 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-06 19:09 - 2015-03-06 19:09 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Melori Bigvava\Downloads\SpyHunter-installer (1).exe
2015-03-06 19:00 - 2015-03-06 19:00 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\p2pvpn-0.8-bin
2015-03-06 18:58 - 2015-03-06 20:06 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\mbar
2015-03-06 18:56 - 2015-03-06 18:57 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Melori Bigvava\Downloads\mbar-1.09.1.1004.exe
2015-03-06 18:52 - 2015-03-06 18:52 - 02314734 _____ () C:\Users\Melori Bigvava\Downloads\p2pvpn-0.8-bin.zip
2015-03-06 18:50 - 2015-03-06 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard
2015-03-06 18:50 - 2015-03-06 18:50 - 00000000 ____D () C:\Program Files (x86)\Proxy Switcher Standard
2015-03-06 18:49 - 2015-03-06 18:50 - 05513904 _____ (V-Tech LLC ) C:\Users\Melori Bigvava\Downloads\ProxySwitcherStandard (1).exe
2015-03-06 18:49 - 2015-03-06 18:49 - 01811608 _____ () C:\Users\Melori Bigvava\Downloads\openvpn-install-2.3.6-i001-x86_64.exe
2015-03-06 18:45 - 2015-03-06 20:09 - 00000000 ____D () C:\AdwCleaner
2015-03-06 18:45 - 2015-03-06 18:45 - 02126848 _____ () C:\Users\Melori Bigvava\Downloads\adwcleaner_4.111.exe
2015-03-06 18:33 - 2015-03-06 18:34 - 00002591 _____ () C:\Users\Public\Desktop\Proxy Switcher.lnk
2015-03-06 18:33 - 2015-03-06 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher
2015-03-06 18:33 - 2015-03-06 18:34 - 00000000 ____D () C:\Program Files (x86)\Proxy Switcher
2015-03-06 18:30 - 2015-03-06 18:30 - 01131204 _____ () C:\Users\Melori Bigvava\Downloads\ProxySwitcherSetup (1).zip
2015-03-06 18:28 - 2015-03-06 18:29 - 00000000 ____D () C:\ProgramData\EpicScale
2015-03-06 18:28 - 2015-03-06 18:28 - 00000824 _____ () C:\Users\Melori Bigvava\Desktop\µTorrent.lnk
2015-03-06 18:27 - 2015-03-06 18:27 - 00066344 _____ () C:\Users\Melori Bigvava\Downloads\switchproxy_tool-1.4.1-fx+mz+tb.xpi
2015-03-06 18:26 - 2015-03-06 18:26 - 01742928 _____ (BitTorrent Inc.) C:\Users\Melori Bigvava\Downloads\uTorrent (1).exe
2015-03-06 18:24 - 2015-03-06 18:24 - 00000814 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-03-06 18:22 - 2015-03-06 18:22 - 00000000 ____D () C:\Program Files\Oracle VM VirtualBox
2015-03-06 18:21 - 2015-03-06 18:21 - 00003298 _____ () C:\Windows\System32\Tasks\Jelbrus Secure Web Task
2015-03-06 18:20 - 2015-03-10 17:02 - 00000000 ____D () C:\Program Files (x86)\Jelbrus Secure Web
2015-03-06 18:20 - 2015-03-06 20:03 - 1462227652 _____ () C:\Users\Melori Bigvava\Downloads\BT5R3-GNOME-64.iso
2015-03-06 18:20 - 2015-03-06 18:20 - 00239104 _____ (AV Security Software) C:\Windows\mlwps.exe
2015-03-06 18:20 - 2015-03-06 18:20 - 00003296 _____ () C:\Windows\System32\Tasks\Malware Cleaner
2015-03-06 18:20 - 2015-03-06 18:20 - 00000000 _____ () C:\Users\Melori Bigvava\AppData\Roaming\E11A.tmp
2015-03-06 18:19 - 2015-03-06 18:20 - 00003276 _____ () C:\Windows\System32\Tasks\Get Plus Uplifter
2015-03-06 18:19 - 2015-03-06 18:20 - 00000000 ____D () C:\Program Files (x86)\PrivateVPN
2015-03-06 18:19 - 2015-03-06 18:19 - 00181288 _____ (Jelbrus LLC) C:\Users\Melori Bigvava\Downloads\VMware.Workstation.v8.0.0.471780.Incl.Keymaker-ZWT.exe
2015-03-03 22:11 - 2015-03-03 22:13 - 00000011 _____ () C:\Users\Melori Bigvava\Desktop\something.bat
2015-03-03 22:10 - 2015-03-03 22:10 - 00000000 _____ () C:\Users\Melori Bigvava\Desktop\Neues Textdokument.txt
2015-03-03 22:09 - 2015-03-03 22:09 - 00516936 _____ () C:\Users\Melori Bigvava\Downloads\pwdump7.zip
2015-03-03 21:56 - 2015-03-03 21:56 - 00000000 ____D () C:\Windows\dir
2015-03-03 21:48 - 2015-03-03 21:48 - 01012430 _____ () C:\Users\Melori Bigvava\Downloads\Bifrost 1.2D.rar
2015-03-03 21:48 - 2012-09-08 02:39 - 00967168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BiFrOsT 1.2D.EXE
2015-03-03 21:47 - 2015-03-03 21:47 - 00027717 _____ () C:\Users\Melori Bigvava\Downloads\bifrost-server.zip
2015-03-03 21:34 - 2005-10-26 23:26 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\sub7legends
2015-03-03 21:33 - 2015-03-03 21:34 - 01336590 _____ () C:\Users\Melori Bigvava\Downloads\sub7legends.zip
2015-03-03 21:02 - 2015-03-03 21:03 - 13894731 _____ () C:\Users\Melori Bigvava\Downloads\DarkComet.rar
2015-03-03 20:56 - 2015-03-03 20:56 - 00239648 _____ () C:\Users\Melori Bigvava\Downloads\DUCSetup_v4_1_0.exe
2015-03-03 20:56 - 2015-03-03 20:56 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-03-03 20:56 - 2015-03-03 20:56 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Local\Vitalwerks
2015-03-03 20:56 - 2015-03-03 20:56 - 00000000 ____D () C:\Program Files (x86)\No-IP
2015-03-03 20:43 - 2015-03-03 20:44 - 03075112 _____ () C:\Users\Melori Bigvava\Downloads\ProRat 1.9.rar
2015-03-02 22:25 - 2014-03-12 20:42 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\Aegis Crypter 6.0
2015-03-02 22:23 - 2015-03-10 16:29 - 00000000 __SHD () C:\ProgramData\Microsoft\Windows\Start Menu\MSDCSC
2015-03-02 22:23 - 2014-03-12 20:40 - 02708992 _____ () C:\Users\Melori Bigvava\AppData\Roaming\Aegis Crypter.exe
2015-03-02 22:21 - 2015-03-02 22:22 - 02797985 _____ () C:\Users\Melori Bigvava\Downloads\Aegis Crypter 6.0.zip
2015-03-02 22:20 - 2015-03-02 22:20 - 01007272 _____ () C:\Users\Melori Bigvava\Downloads\Crypter + Pack .rar
2015-03-02 22:19 - 2015-03-02 22:19 - 04417664 _____ () C:\Users\Melori Bigvava\Downloads\KazyCrypter-v20150218-setup-FUD.zip
2015-03-02 22:17 - 2015-03-02 22:17 - 00851046 _____ () C:\Users\Melori Bigvava\Downloads\[Setup] Alpha Crypter.exe
2015-03-02 22:17 - 2015-03-02 22:17 - 00000000 ____D () C:\Program Files\Alpha Crypter
2015-03-02 22:15 - 2015-03-02 22:15 - 01331985 _____ () C:\Users\Melori Bigvava\Downloads\AlphaCrypter_v0.1.rar
2015-03-02 22:04 - 2015-03-02 22:04 - 00674304 ___SH (Microsoft Corp.) C:\Users\Melori Bigvava\Desktop\Name*3pm.exe
2015-03-02 22:03 - 2015-03-03 21:03 - 00000712 _____ () C:\Users\Melori Bigvava\Desktop\config.ini
2015-03-02 22:03 - 2015-03-03 20:35 - 00043008 _____ () C:\Users\Melori Bigvava\Desktop\comet.db
2015-03-02 22:02 - 2015-03-02 22:02 - 00000148 _____ () C:\Users\Melori Bigvava\Desktop\yxcdfd.txt
2015-03-02 21:48 - 2015-03-06 18:21 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-02 21:48 - 2015-03-06 18:21 - 00001100 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-02 21:48 - 2015-03-02 21:48 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Mozilla
2015-03-02 21:48 - 2015-03-02 21:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-02 21:46 - 2015-03-02 21:46 - 00243576 _____ () C:\Users\Melori Bigvava\Downloads\Firefox Setup Stub 36.0.exe
2015-03-01 20:33 - 2015-03-06 21:16 - 00000000 __SHD () C:\Users\Melori Bigvava\Desktop\MSDCSC
2015-03-01 20:20 - 2012-06-03 20:38 - 00002542 _____ () C:\Users\Melori Bigvava\Desktop\readme_help.txt
2015-03-01 20:20 - 2012-06-03 20:18 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\Goodies
2015-03-01 20:20 - 2012-06-03 20:16 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\Celesty Binder
2015-03-01 20:20 - 2012-03-16 15:23 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\Plugins SRC
2015-03-01 20:20 - 2012-01-15 17:55 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\Spoof extensions
2015-03-01 20:20 - 2011-08-20 15:15 - 01198612 _____ () C:\Users\Melori Bigvava\Desktop\GeoIP.dat
2015-03-01 20:20 - 2011-08-20 15:14 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\skins
2015-03-01 20:20 - 2011-08-20 15:14 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\Icons
2015-03-01 20:20 - 2011-02-04 08:26 - 00522752 _____ () C:\Users\Melori Bigvava\Desktop\sqlite3.dll
2015-03-01 20:19 - 2015-03-01 20:19 - 15634940 _____ () C:\Users\Melori Bigvava\Downloads\DarkCometRAT531_1.zip
2015-03-01 20:11 - 2015-03-01 20:11 - 00001324 _____ () C:\Users\Melori Bigvava\Desktop\PC Inspector File Recovery.lnk
2015-03-01 20:11 - 2015-03-01 20:11 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2015-03-01 20:11 - 2015-03-01 20:11 - 00000000 ____D () C:\Program Files (x86)\Convar
2015-03-01 20:10 - 2015-03-01 20:10 - 03462033 _____ () C:\Users\Melori Bigvava\Downloads\pci_filerecovery.exe
2015-02-28 23:14 - 2015-02-28 23:14 - 01293199 _____ () C:\Users\Melori Bigvava\Downloads\Free Boot Source.zip
2015-02-28 23:12 - 2015-02-28 23:17 - 00000000 ____D () C:\Users\Melori Bigvava\Desktop\Neuer Ordner
2015-02-28 22:42 - 2015-02-28 22:43 - 45109352 _____ (Skype Technologies S.A.) C:\Users\Melori Bigvava\Downloads\SkypeSetup71Full.exe
2015-02-26 20:54 - 2015-02-26 20:53 - 58096818 _____ () C:\Users\Melori Bigvava\Desktop\LOGONINSTALLATION.trec
2015-02-26 20:52 - 2015-02-26 20:52 - 00736436 _____ () C:\Users\Melori Bigvava\Downloads\FBILogin (3).logonxp
2015-02-26 20:52 - 2015-02-26 20:52 - 00000035 _____ () C:\Users\Melori Bigvava\Downloads\FBILogin (1).logonvista
2015-02-26 20:52 - 2015-02-26 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2015-02-26 20:51 - 2015-02-26 20:51 - 09791080 _____ () C:\Users\Melori Bigvava\Downloads\LogonStudio_public (1).exe
2015-02-26 20:49 - 2015-02-26 20:49 - 01203488 _____ () C:\Users\Melori Bigvava\Downloads\LogonStudio - CHIP-Installer (1).exe
2015-02-26 20:49 - 2015-02-26 20:49 - 00736436 _____ () C:\Users\Melori Bigvava\Downloads\FBILogin (2).logonxp
2015-02-26 20:48 - 2009-07-14 02:28 - 20268032 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll
2015-02-26 20:42 - 2015-02-26 20:42 - 01203488 _____ () C:\Users\Melori Bigvava\Downloads\LogonStudio - CHIP-Installer.exe
2015-02-26 20:42 - 2015-02-26 20:42 - 00736436 _____ () C:\Users\Melori Bigvava\Downloads\FBILogin (1).logonxp
2015-02-25 20:41 - 2015-03-03 22:10 - 00041359 _____ () C:\Users\Melori Bigvava\Documents\netscan.xml
2015-02-25 20:04 - 2015-02-25 20:04 - 00001888 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net Send GUI.lnk
2015-02-25 20:04 - 2015-02-25 20:04 - 00001876 _____ () C:\Users\Public\Desktop\Net Send GUI.lnk
2015-02-25 20:04 - 2015-02-25 20:04 - 00000000 ____D () C:\Program Files (x86)\Fomine Net Send GUI
2015-02-25 20:01 - 2015-02-25 20:01 - 00605636 _____ () C:\Users\Melori Bigvava\Downloads\netsend27.exe
2015-02-25 19:36 - 2015-02-25 19:36 - 02878887 _____ () C:\Users\Melori Bigvava\Downloads\netscan-603.zip
2015-02-25 13:50 - 2015-02-25 13:50 - 00000000 _____ () C:\Windows\cdplayer.ini
2015-02-25 13:49 - 2015-02-25 18:05 - 00000000 ____D () C:\Program Files (x86)\Feurio
2015-02-25 13:49 - 2015-02-25 13:49 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Feurio!
2015-02-25 13:48 - 2015-02-25 13:48 - 02543616 _____ (Fangmeier Systemprogrammierung) C:\Users\Melori Bigvava\Downloads\Feurio_168_Install_ger.exe
2015-02-24 22:37 - 2015-02-24 22:37 - 04098239 _____ () C:\Users\Melori Bigvava\Downloads\APIBuilder 1.0.x.zip
2015-02-24 22:37 - 2015-02-24 22:37 - 02197730 _____ () C:\Users\Melori Bigvava\Downloads\TruBootSource.zip
2015-02-24 22:37 - 2015-02-24 22:37 - 01391471 _____ () C:\Users\Melori Bigvava\Downloads\PrettyBoot-master.zip
2015-02-24 22:37 - 2015-02-24 22:37 - 01379822 _____ () C:\Users\Melori Bigvava\Downloads\RAGEBOOTER V2.2.zip
2015-02-24 22:37 - 2015-02-24 22:37 - 00792883 _____ () C:\Users\Melori Bigvava\Downloads\Legion Booter.zip
2015-02-24 22:37 - 2015-02-24 22:37 - 00211400 _____ () C:\Users\Melori Bigvava\Downloads\onionstresser source.zip
2015-02-24 22:36 - 2015-02-24 22:37 - 17080578 _____ () C:\Users\Melori Bigvava\Downloads\Skype Resolver API Full.zip
2015-02-24 22:36 - 2015-02-24 22:37 - 00190624 _____ () C:\Users\Melori Bigvava\Downloads\API Booter.zip
2015-02-24 22:03 - 2015-02-24 22:03 - 00000645 _____ () C:\Users\Melori Bigvava\Desktop\Hacked.bat
2015-02-24 21:58 - 2015-02-24 21:59 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Audacity
2015-02-24 21:58 - 2015-02-24 21:58 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-02-24 21:58 - 2015-02-24 21:58 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-02-24 21:57 - 2015-02-24 21:58 - 22892794 _____ (Audacity Team ) C:\Users\Melori Bigvava\Downloads\audacity-win-2.0.6.exe
2015-02-24 21:54 - 2015-02-24 21:54 - 00000000 ___RD () C:\Users\Melori Bigvava\Desktop\Teamspeak
2015-02-24 21:53 - 2015-02-24 21:53 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-02-24 21:53 - 2015-02-24 21:53 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Local\TeamSpeak 3 Client
2015-02-24 21:51 - 2015-02-24 21:51 - 00000000 ___RD () C:\Users\Melori Bigvava\Desktop\Defacing
2015-02-24 21:50 - 2015-02-24 21:51 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\Melori Bigvava\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2015-02-24 21:49 - 2015-02-24 21:49 - 04523318 _____ () C:\Users\Melori Bigvava\Downloads\teamspeak3-server_win64-3.0.11.2.zip
2015-02-24 21:49 - 2015-02-24 21:49 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-24 18:28 - 2015-02-24 18:28 - 00000000 ____D () C:\Users\Melori Bigvava\Documents\XWidget
2015-02-24 18:26 - 2015-02-24 18:26 - 01203488 _____ () C:\Users\Melori Bigvava\Downloads\Rainmeter Skin Gallery - CHIP-Installer.exe
2015-02-24 18:23 - 2015-02-24 18:23 - 00001668 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-02-24 18:23 - 2015-02-24 18:23 - 00000000 ____D () C:\Users\Melori Bigvava\Documents\Rainmeter
2015-02-24 18:23 - 2015-02-24 18:23 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Rainmeter
2015-02-24 18:23 - 2015-02-24 18:23 - 00000000 ____D () C:\Program Files\Rainmeter
2015-02-24 18:07 - 2015-02-24 18:08 - 62807104 _____ (MediaFire) C:\Users\Melori Bigvava\Downloads\MediaFireDesktop-1.4.17.10772-windows-PRODUCTION.exe
2015-02-24 18:05 - 2015-02-24 18:07 - 119624493 _____ () C:\Users\Melori Bigvava\Downloads\Sheild Os Rainmeter Theme by ApatheticEuphoria.rar
2015-02-24 18:01 - 2015-02-24 21:59 - 00000000 ___RD () C:\Users\Melori Bigvava\Desktop\ALL
2015-02-24 17:51 - 2015-02-24 17:51 - 02098614 _____ () C:\Users\Melori Bigvava\Downloads\tools.zip
2015-02-24 17:49 - 2015-02-24 17:50 - 02228376 _____ () C:\Users\Melori Bigvava\Downloads\Rainmeter-3.0.2.exe
2015-02-24 17:48 - 2015-02-24 17:48 - 81738764 _____ () C:\Users\Melori Bigvava\Downloads\N.A.S.A. Style charan
2015-02-24 17:46 - 2015-02-24 17:46 - 01126042 _____ () C:\Users\Melori Bigvava\Downloads\Nicht bestätigt 672314.crdownload
2015-02-24 17:20 - 2010-11-21 04:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2015-02-24 17:20 - 2009-07-14 02:41 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2015-02-24 17:20 - 2009-07-14 02:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2015-02-24 17:15 - 2015-02-24 17:18 - 86947611 _____ () C:\Users\Melori Bigvava\Downloads\Windows 7 Theme mit Patcher.rar
2015-02-24 17:12 - 2015-02-24 17:12 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\FolderColorize
2015-02-24 17:11 - 2015-02-24 17:11 - 01396040 _____ (Softorino ) C:\Users\Melori Bigvava\Downloads\FolderColorizerSetup.exe
2015-02-24 17:11 - 2015-02-24 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Colorizer
2015-02-24 17:11 - 2015-02-24 17:11 - 00000000 ____D () C:\Program Files\Folder Colorizer
2015-02-23 21:44 - 2015-02-23 21:44 - 00089693 _____ () C:\Users\Melori Bigvava\Downloads\deface page creator v1.rar
2015-02-23 21:34 - 2015-02-23 21:35 - 00001518 _____ () C:\index.html
2015-02-23 21:28 - 2015-02-23 21:28 - 04295757 _____ () C:\Users\Melori Bigvava\Downloads\Deface Page Created v1.2.zip
2015-02-23 21:26 - 2015-02-23 21:26 - 04073209 _____ () C:\Users\Melori Bigvava\Downloads\Deface Page Creator v1.3 (2).zip
2015-02-23 20:55 - 2015-02-24 17:13 - 00000000 ___RD () C:\Users\Melori Bigvava\Desktop\Havij 1.15 Pro Advanced SQL Injection
2015-02-23 20:54 - 2015-02-23 20:54 - 03036575 _____ () C:\Users\Melori Bigvava\Downloads\Havij 1.15 Pro Advanced SQL Injection (1).rar
2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\ProgramData\d9031fc3029645e48aa0799ef63914a9
2015-02-23 20:20 - 2015-02-23 20:21 - 63631359 _____ () C:\Users\Melori Bigvava\Downloads\placebo_for_windows_7_by_solmiler-d346dad.rar
2015-02-23 20:16 - 2015-02-23 20:16 - 07965917 _____ () C:\Users\Melori Bigvava\Downloads\npp.6.7.4.Installer.exe
2015-02-23 19:46 - 2015-02-23 19:47 - 07363997 _____ () C:\Users\Melori Bigvava\Downloads\Matrix Reloaded.Dream
2015-02-23 19:44 - 2015-02-23 19:44 - 00696387 _____ () C:\Users\Melori Bigvava\Downloads\FBILogin.logonvista
2015-02-23 19:42 - 2015-02-26 20:48 - 00000000 ____D () C:\Program Files (x86)\Stardock
2015-02-23 19:42 - 2015-02-23 19:42 - 00000000 ____D () C:\ProgramData\Stardock
2015-02-23 19:41 - 2015-02-23 19:41 - 09791080 _____ () C:\Users\Melori Bigvava\Downloads\LogonStudio_public.exe
2015-02-23 19:38 - 2015-02-23 19:38 - 00736436 _____ () C:\Users\Melori Bigvava\Downloads\FBILogin.logonxp
2015-02-22 18:41 - 2015-02-22 18:50 - 205500388 _____ () C:\Users\Melori Bigvava\Downloads\HABIB 4.66 V1.01.PUP
2015-02-22 18:39 - 2015-02-22 18:40 - 08787104 _____ () C:\Users\Melori Bigvava\Downloads\Proper.Spoof.4.66.Rebug.4.46.1.By.HiJaM.GunZ.HoSteR.v1.rar
2015-02-22 18:31 - 2015-02-22 18:35 - 64771168 _____ () C:\Users\Melori Bigvava\Downloads\SPOOF 4.66 version 1.12 for CFW CEX 4.5x or 4.6x by ARCH (1).pkg
2015-02-21 16:31 - 2015-03-10 18:37 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\4ihhV7t7XB2SXiK6
2015-02-21 16:31 - 2015-03-10 16:30 - 00000000 ____D () C:\Program Files (x86)\NAT Service
2015-02-21 16:31 - 2015-03-10 16:26 - 00002712 _____ () C:\Windows\System32\Tasks\NAT Service Task
2015-02-21 16:31 - 2015-03-06 18:17 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\E5EB7324-8E28-4749-8BC8-0945026920B2
2015-02-21 16:31 - 2015-03-06 18:14 - 00002772 _____ () C:\Windows\System32\Tasks\NAT Service
2015-02-21 16:10 - 2015-02-21 16:10 - 00000000 _____ () C:\Users\Melori Bigvava\Downloads\question.txt
2015-02-21 16:10 - 2015-02-21 16:10 - 00000000 _____ () C:\Users\Melori Bigvava\Downloads\answer.txt
2015-02-21 16:08 - 2015-02-21 16:08 - 00000000 _____ () C:\Users\Melori Bigvava\Documents\acc
2015-02-21 16:05 - 2015-02-21 16:05 - 00198656 _____ (WebBotty) C:\Users\Melori Bigvava\Downloads\Ask Megabot(4).exe
2015-02-21 14:52 - 2015-02-21 14:53 - 03706880 _____ (Aless) C:\Users\Melori Bigvava\Downloads\CyberTerror v1.8.exe
2015-02-21 14:49 - 2015-02-21 14:49 - 01007379 _____ () C:\Users\Melori Bigvava\Downloads\CyberTerror v1.9.zip
2015-02-21 14:34 - 2015-02-21 14:34 - 01303302 _____ () C:\Users\Melori Bigvava\Downloads\WhatsApp.Viewer.zip
2015-02-20 19:37 - 2015-02-20 19:37 - 00088248 _____ () C:\Users\Melori Bigvava\Downloads\aStealer.rar
2015-02-20 19:36 - 2015-02-20 19:36 - 00663834 _____ () C:\Users\Melori Bigvava\Downloads\ISR Stealer 0.4.1.rar
2015-02-20 19:35 - 2015-02-20 19:35 - 01126308 _____ () C:\Users\Melori Bigvava\Downloads\AryaN IRC Bot builder.rar
2015-02-20 19:34 - 2015-03-01 20:44 - 03582501 _____ () C:\Users\Melori Bigvava\Downloads\XtremeRAT v2.9.rar
2015-02-20 19:31 - 2015-02-20 19:31 - 01961837 _____ () C:\Users\Melori Bigvava\Downloads\Spy-Net v2.6.rar
2015-02-20 19:21 - 2015-02-20 19:22 - 09543695 _____ () C:\Users\Melori Bigvava\Downloads\WART-master.zip
2015-02-20 19:20 - 2015-02-20 19:20 - 00312159 _____ () C:\Users\Melori Bigvava\Downloads\Whatsapp Pass.rar
2015-02-20 19:17 - 2015-02-20 19:17 - 06990478 _____ () C:\Users\Melori Bigvava\Downloads\whatsappapi.rar
2015-02-20 17:05 - 2015-02-20 17:06 - 00000000 ____D () C:\Program Files (x86)\Hide ALL IP
2015-02-20 17:05 - 2015-02-20 17:05 - 04065040 _____ (www.hideallip.com ) C:\Users\Melori Bigvava\Downloads\hideallipsetup.exe
2015-02-20 17:05 - 2015-02-20 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2015-02-20 16:31 - 2015-02-20 16:31 - 00106461 _____ () C:\Users\Melori Bigvava\Downloads\SnapChat bomber v1.2.zip
2015-02-20 16:28 - 2015-02-20 16:28 - 00479556 _____ () C:\Users\Melori Bigvava\Downloads\InstagramBot.zip
2015-02-20 16:20 - 2015-02-20 16:20 - 00272896 _____ (TDS) C:\Users\Melori Bigvava\Downloads\Instagram Bot.exe
2015-02-20 16:04 - 2015-02-20 16:04 - 00262160 _____ () C:\Users\Melori Bigvava\Downloads\hacked.exe
2015-02-20 15:58 - 2015-02-20 15:59 - 00204428 _____ () C:\Users\Melori Bigvava\Downloads\Metus - GB Edition (1).rar
2015-02-20 15:50 - 2015-02-20 15:51 - 00063341 _____ () C:\Users\Melori Bigvava\Downloads\BioZombie 1.5.rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-22 14:12 - 2012-09-03 12:27 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Skype
2015-03-22 14:11 - 2012-05-27 16:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-22 14:10 - 2014-08-08 22:22 - 00000000 ____D () C:\FRST
2015-03-22 14:04 - 2012-09-26 14:04 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Local\CrashDumps
2015-03-22 14:02 - 2014-08-23 17:26 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-22 14:02 - 2014-04-13 16:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 14:02 - 2011-06-08 15:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-03-22 13:55 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 13:55 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 13:52 - 2014-04-13 16:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-22 13:21 - 2012-02-12 11:31 - 00001162 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-687521651-2007251113-3307527875-1004UA.job
2015-03-22 13:21 - 2012-02-12 11:31 - 00001140 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-687521651-2007251113-3307527875-1004Core.job
2015-03-22 13:17 - 2011-07-05 15:16 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-03-22 13:17 - 2011-07-05 15:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-03-22 13:15 - 2014-04-21 18:01 - 00042056 _____ () C:\Windows\setupact.log
2015-03-22 13:15 - 2011-06-08 07:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-22 13:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-21 13:00 - 2014-08-08 22:27 - 00056828 _____ () C:\Users\Melori Bigvava\Downloads\Addition.txt
2015-03-21 13:00 - 2014-08-08 22:23 - 00083469 _____ () C:\Users\Melori Bigvava\Downloads\FRST.txt
2015-03-21 12:26 - 2012-09-21 20:04 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-687521651-2007251113-3307527875-1006Core.job
2015-03-14 15:09 - 2012-09-21 20:04 - 00000964 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-687521651-2007251113-3307527875-1006UA.job
2015-03-14 14:59 - 2011-10-07 18:55 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-687521651-2007251113-3307527875-1001UA.job
2015-03-14 14:59 - 2011-10-07 18:55 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-687521651-2007251113-3307527875-1001Core.job
2015-03-11 19:31 - 2014-04-22 07:35 - 01017576 _____ () C:\Windows\PFRO.log
2015-03-10 22:13 - 2014-06-02 19:41 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\uTorrent
2015-03-10 18:33 - 2014-06-04 18:09 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\FileZilla
2015-03-06 21:46 - 2011-02-11 11:22 - 01649782 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-06 21:46 - 2010-11-21 07:50 - 00702388 _____ () C:\Windows\system32\perfh007.dat
2015-03-06 21:46 - 2010-11-21 07:50 - 00151022 _____ () C:\Windows\system32\perfc007.dat
2015-03-06 21:19 - 2014-08-23 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-06 21:19 - 2014-08-23 17:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-06 20:59 - 2014-07-08 19:22 - 00000045 _____ () C:\trace.txt
2015-03-06 20:59 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-06 20:36 - 2013-12-28 22:44 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Local\Mobogenie
2015-03-06 20:33 - 2005-04-08 03:16 - 00030307 ____H () C:\Users\Melori Bigvava\AppData\Roaming\logs.dat
2015-03-06 19:17 - 2014-08-23 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-06 18:28 - 2014-08-04 15:29 - 00000804 _____ () C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-03-06 18:24 - 2014-08-27 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-03-06 18:21 - 2014-06-25 12:59 - 00001130 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-06 18:21 - 2013-06-11 15:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 18:21 - 2012-09-02 10:46 - 00001148 _____ () C:\Users\Melori Bigvava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-04 20:30 - 2011-06-08 07:27 - 01338491 _____ () C:\Windows\WindowsUpdate.log
2015-03-03 21:56 - 2014-08-04 15:57 - 00000328 _____ () C:\Users\Melori Bigvava\advanced_ip_scanner_MAC.bin
2015-03-02 21:48 - 2012-09-02 10:49 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Local\Mozilla
2015-03-01 20:15 - 2014-09-23 19:18 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\UBot Studio
2015-03-01 00:11 - 2013-07-08 12:17 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-02-28 22:44 - 2015-01-18 20:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-28 22:44 - 2011-06-08 15:03 - 00000000 ____D () C:\ProgramData\Skype
2015-02-26 21:09 - 2014-05-25 17:59 - 00000000 ___RD () C:\Users\Melori Bigvava\Documents\Camtasia Studio
2015-02-25 20:49 - 2014-06-08 19:33 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\TS3Client
2015-02-24 21:56 - 2014-06-21 12:15 - 00000000 ____D () C:\Users\Melori Bigvava\Documents\Visual Studio 2012
2015-02-24 21:52 - 2014-10-29 18:24 - 00000000 ___RD () C:\Users\Melori Bigvava\Desktop\Tor Browser
2015-02-23 20:17 - 2014-08-20 10:37 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Roaming\Notepad++
2015-02-22 18:31 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-21 17:06 - 2015-01-16 20:54 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Local\IPVanish
2015-02-21 16:22 - 2015-01-07 18:39 - 00007535 _____ () C:\Windows\system32\Drivers\etc\XA.html
2015-02-20 16:29 - 2014-09-23 19:28 - 00000000 ____D () C:\Users\Melori Bigvava\AppData\Local\Deployment
==================== Files in the root of some directories =======
2014-08-15 12:37 - 2014-08-15 12:37 - 0020904 ___SH () C:\Users\Melori Bigvava\AppData\Roaming\A9823473.bat
2015-03-02 22:23 - 2014-03-12 20:40 - 2708992 _____ () C:\Users\Melori Bigvava\AppData\Roaming\Aegis Crypter.exe
2014-09-22 19:43 - 2014-09-22 19:43 - 4694001 _____ () C:\Users\Melori Bigvava\AppData\Roaming\Black OPS II RTM Tool.exe
2015-03-06 18:20 - 2015-03-06 18:20 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Roaming\E11A.tmp
2014-12-30 20:48 - 2014-12-30 20:48 - 0062464 _____ () C:\Users\Melori Bigvava\AppData\Roaming\EncryptionWithKeyForm.exe
2015-01-18 16:42 - 2015-01-18 16:42 - 0231286 ____H () C:\Users\Melori Bigvava\AppData\Roaming\Java.w.jar
2014-08-13 12:45 - 2014-08-13 12:48 - 0000825 _____ () C:\Users\Melori Bigvava\AppData\Roaming\LiveSupport.exe_log.txt
2005-04-08 03:16 - 2015-03-06 20:33 - 0030307 ____H () C:\Users\Melori Bigvava\AppData\Roaming\logs.dat
2005-04-08 03:16 - 2014-09-06 14:35 - 0017931 ____H () C:\Users\Melori Bigvava\AppData\Roaming\Melori Bigvavalog.dat
2014-05-26 19:55 - 2014-05-26 20:05 - 0714433 _____ () C:\Users\Melori Bigvava\AppData\Roaming\nuveo.exe
2014-08-13 12:45 - 2014-08-13 12:48 - 0000092 _____ () C:\Users\Melori Bigvava\AppData\Roaming\regsvr32.exe_log.txt
2015-01-18 16:45 - 2015-01-18 16:46 - 0001282 _____ () C:\Users\Melori Bigvava\AppData\Roaming\Scan Result.txt
2015-01-18 16:45 - 2015-01-18 16:45 - 0000148 _____ () C:\Users\Melori Bigvava\AppData\Roaming\SQLi.txt
2014-11-09 18:24 - 2014-11-09 18:24 - 0001181 _____ () C:\Users\Melori Bigvava\AppData\Roaming\trace_FilterInstaller.txt
2014-11-09 18:24 - 2014-11-09 18:24 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-01-18 16:42 - 2015-01-18 16:42 - 0308736 _____ (Pooria Sharaffodin) C:\Users\Melori Bigvava\AppData\Roaming\Vuln Hunter 2014.exe
2014-02-22 16:12 - 2014-06-09 11:40 - 0000090 _____ () C:\Users\Melori Bigvava\AppData\Roaming\WB.CFG
2012-09-15 20:31 - 2014-11-11 20:19 - 0008192 _____ () C:\Users\Melori Bigvava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-04 16:22 - 2014-08-04 16:23 - 0211852 _____ () C:\Users\Melori Bigvava\AppData\Local\debuggee.mdmp
2014-06-05 18:03 - 2014-06-08 20:57 - 0000600 _____ () C:\Users\Melori Bigvava\AppData\Local\PUTTY.RND
2014-06-09 16:33 - 2014-06-09 16:33 - 0000003 _____ () C:\Users\Melori Bigvava\AppData\Local\updater.log
2014-06-09 16:33 - 2014-06-09 16:33 - 0000454 _____ () C:\Users\Melori Bigvava\AppData\Local\UserProducts.xml
2012-10-24 16:55 - 2012-10-24 16:55 - 0017408 _____ () C:\Users\Melori Bigvava\AppData\Local\WebpageIcons.db
2013-06-29 06:47 - 2013-06-29 06:47 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{049DBB83-6C94-4B97-ACA9-634D9856E3B3}
2013-07-05 16:36 - 2013-07-05 16:36 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{1741E367-6B3C-427C-920C-138ACE4BAAB6}
2013-07-08 11:57 - 2013-07-08 11:57 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{316BBB21-C26B-46EE-9E65-E9969B8F215F}
2013-07-09 11:06 - 2013-07-09 11:06 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{41D8C9C1-BF02-4929-9AE6-8C28A14473E5}
2013-07-09 11:04 - 2013-07-09 11:04 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{8923C46F-0A3F-4081-B5FA-28881F10EBB2}
2013-07-11 11:40 - 2013-07-11 11:40 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{DE6AFB38-895D-4B05-9290-F526368A2839}
2013-07-02 13:34 - 2013-07-02 13:35 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{E80938F3-1099-4020-B876-AA4C06F7D410}
2013-07-11 10:50 - 2013-07-11 10:50 - 0000000 _____ () C:\Users\Melori Bigvava\AppData\Local\{F60EBE6A-2356-45B0-8423-BCDEE9745519}
2011-12-12 12:37 - 2011-12-12 12:37 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some content of TEMP:
====================
C:\Users\Melori Bigvava\AppData\Local\Temp\22dbshvc.dll
C:\Users\Melori Bigvava\AppData\Local\Temp\bdfilters.dll
C:\Users\Melori Bigvava\AppData\Local\Temp\sqlite3.dll
C:\Users\Melori Bigvava\AppData\Local\Temp\tasks.dll
C:\Users\Melori Bigvava\AppData\Local\Temp\winomflkn.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-10 22:21
==================== End Of Log ============================