Trojaner-Board

My computer is very, very slow, what could be causing it and what can be done about it? (https://www.trojaner-board.de/153562-rechner-sehr-sehr-langsam-woran-liegen-man-dagegen-tun.html)

schrauber 23.05.2014 16:32

Try uninstalling everything from Sophos.

russak777 24.05.2014 19:41

That is my antivirus program. What do I do after that?

Regards, russak777

Now the CPU load is between 7 and 18%. But without antivirus it is dangerous, isn't it?

schrauber 25.05.2014 18:28

Now install it again, it probably just had a hiccup.

russak777 20.07.2015 11:25

Hello everyone,
compared to me, you really know your way around computers here. Can someone please help me, my computer is very slow :( even when typing I have to wait forever until the letters appear :(
Many thanks in advance.
Regards

schrauber 21.07.2015 06:48

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


russak777 21.07.2015 11:06

FRST Additions Logfile:
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Georgii at 2015-07-21 12:02:15
Running from C:\Users\Georgii\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3968757505-1059699835-2356866766-500 - Administrator - Disabled)
Gast (S-1-5-21-3968757505-1059699835-2356866766-501 - Limited - Disabled)
Georgii (S-1-5-21-3968757505-1059699835-2356866766-1001 - Administrator - Enabled) => C:\Users\Georgii
HomeGroupUser$ (S-1-5-21-3968757505-1059699835-2356866766-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dropbox (HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Etymonix SoftReel (HKLM-x32\...\Etymonix SoftReel) (Version:  - )
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\MyFreeCodec) (Version:  - )
Open Office 2013 Packages (HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Open Office 2013 Packages) (Version:  - ) <==== ATTENTION
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Shopping Helper Smartbar (HKLM-x32\...\{96F1EBE2-6BF6-44E8-84AC-DB577BAD1DD5}) (Version: 11.49.63.16848 - ReSoft Ltd.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
TV Wizard (HKLM-x32\...\TVWizard) (Version: 2.7.35 - Small Island Development) <==== ATTENTION
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Web Bar 2.0.5574.22315 (HKLM\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5574.22315 - Web Bar Media) <==== ATTENTION!
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

05-07-2015 03:16:23 Geplanter Prüfpunkt
10-07-2015 15:18:00 Windows Update
12-07-2015 16:18:34 avast! antivirus system restore point
16-07-2015 15:16:19 Windows Update
20-07-2015 19:58:13 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F43762-3BE7-4B17-90A4-BDDCCBF0FF7A} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5_user => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: {0E7BDD08-CB81-476F-9C22-589BC4FEA189} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {0FD918A5-6307-41B5-9317-67EB4734BDFF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {12EFB127-B6AC-41DB-B505-507F86A7213D} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-7 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.exe <==== ATTENTION
Task: {1EA8F2BE-88B3-4A15-9961-0244FE710749} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {23DD9E66-CC91-476C-ACD1-2CC3C65CF305} - \LaunchSignup No Task File <==== ATTENTION
Task: {24DC50DC-3B7D-4632-918A-89CE490F8665} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {2C6EB95D-06CC-4C6F-9323-704F2F824E40} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {2D67D0A4-2854-4A05-A39E-B7A8B26F568C} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {2D89B63E-FD68-4C04-8CDC-C534C75FA8AA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-12] (Avast Software s.r.o.)
Task: {323E239A-BB86-4AB3-8D3C-6B37B0AEE39F} - \ALUAgent No Task File <==== ATTENTION
Task: {3404E5FB-C766-4DBD-9ED1-1A6303C0FDCC} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: {39F8C479-CC76-4B00-8CB8-4A193C611E87} - \Launch Manager No Task File <==== ATTENTION
Task: {3C305F7D-2312-494E-AF61-1472BF2DBFB9} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-3 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.exe <==== ATTENTION
Task: {46A7A6EC-D9A7-4C61-9832-85A6C42D1DCF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {4C69BD98-BD4E-43DC-822C-FD00D14D5E63} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {4CA71155-728E-41E0-B523-32111BF473BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {5405E5C1-2D08-4354-AC5C-BC15D886B5FD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {73EF5D4C-0215-4431-905D-BB5C2B09D37F} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-11 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.exe <==== ATTENTION
Task: {791B4282-4D72-4D72-B21B-71974785A94D} - \AcerCloud No Task File <==== ATTENTION
Task: {7F7B0B66-3357-4FE3-B32C-199AD04400A6} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe [2015-04-06] (Web Bar Media) <==== ATTENTION
Task: {864F00DF-C56A-4DE3-B8B2-DAF5802E9258} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {89F36C11-277E-4949-B39D-3020DA4EC1E3} - \2457c43f-96a8-41ce-8e31-60a4d0f191f9-5 No Task File <==== ATTENTION
Task: {92334DDA-2094-4557-A5A5-69C3A6CEABF0} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-4 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.exe <==== ATTENTION
Task: {AA6D6AE8-9D5A-48DB-A020-7C751ED5B7FE} - \ALU No Task File <==== ATTENTION
Task: {B2CD3B4D-5841-4369-80E3-43E65C6A20D9} - \Quick Access No Task File <==== ATTENTION
Task: {BC14AFF9-72FF-41FD-BED2-A164733D3367} - \Power Management No Task File <==== ATTENTION
Task: {C32A8A0A-0B13-4CFD-999D-15E8A4B56A65} - System32\Tasks\WSE_Astromenda => C:\Users\Georgii\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C84B1DB9-396D-4BEE-94E3-955A97DA82AE} - \AllmyappsUpdateTask No Task File <==== ATTENTION
Task: {D143AC07-17F0-4AD6-AC5D-B9572FA32CD1} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-2 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.exe <==== ATTENTION
Task: {DAAC1ED1-0741-4EA9-8D17-733A381A245D} - \LaunchApp No Task File <==== ATTENTION
Task: {E1D28045-4085-4BA0-AD60-27A448559990} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-1 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\HQ Pro Video 1.6V28.11-codedownloader.exe <==== ATTENTION
Task: {E270B083-7CDB-4F4C-86AA-0C1285644589} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe [2015-04-06] (Web Bar Media) <==== ATTENTION
Task: {E63EF40D-017F-4622-8EC0-E2FA77CD9FA0} - \Optimize Start Menu Cache Files-S-1-5-21-3968757505-1059699835-2356866766-500 No Task File <==== ATTENTION
Task: {EA2DD0A2-C50F-41F5-AB67-B535D05AD382} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {F13AE673-2E31-4D01-9784-2A15D495B1C3} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-6 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.exe <==== ATTENTION
Task: {FFC9F600-E439-4C67-9E0D-520A92677A56} - System32\Tasks\a7774df2-7162-4b37-a238-8fb180a0d9b9 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\a7774df2-7162-4b37-a238-8fb180a0d9b9.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\2457c43f-96a8-41ce-8e31-60a4d0f191f9-5.job => C:\Program Files (x86)\MediaPlayerplus\2457c43f-96a8-41ce-8e31-60a4d0f191f9-5.exeȾ/UcuUkKW /xDkDNs='MediaPlayerplus' /LstTf=54246 /lmOea='001359' /guJbCPeTJ='verticals-ads,intext,shopping,pops' /AhcLHiII='0' /PnhQjAYA=3BEE695DA735428B91DCA7ADE0688B85IE /nMPXg=9b1ce6126d31ca8cdee7f7ca80aa4c66 /HJZbfSZY=1_34_04_10 /iyObc=1398101585 /KEemr=http:/stats.clientdemocloud.com /XWOgJrQI=http:/errors.clientdemocloud.com /XlBCPpuKk=http:/ipgeoapi.com/ /rBXJlS=http:/update.clientdemocloud.com /WFRdx=2 /KHaYT=http:/logs.clientdemocloud.com /AeslT='http:/update.clientdemocloud.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a7774df2-7162-4b37-a238-8fb180a0d9b9.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\a7774df2-7162-4b37-a238-8fb180a0d9b9.exeȥ/agentregpath='HQ Pro Video 1.6V28.11' /appid=65779 /srcid='001874' /subid='0' /zdata='0' /bic=3BEE695DA735428B91DCA7ADE0688B85IE /verifier=9b1ce6126d31ca8cdee7f7ca80aa4c66 /installerversion=1_35_11_26 /installationtime=1417208747 /statsdomain=http:/stats.newstaticclientstack.com /errorsdomain=http:/errors.newstaticclientstack.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http:/logs.newstaticclientstack.com <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-1.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\HQ Pro Video 1.6V28.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5_user.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core.job => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA.job => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WSE_Astromenda.job => 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

==================== Loaded Modules (Whitelisted) ==============

2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-09-03 21:45 - 2013-09-03 21:45 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-07-18 11:00 - 2015-03-04 11:31 - 00808960 _____ () C:\Program Files\WebBar\2.0.5574.22315\ISightSDK_x64.dll
2015-07-21 11:40 - 2015-07-21 11:40 - 00003072 _____ () C:\Users\Georgii\AppData\Local\Temp\isdkOxD5PLpU\ISightHost.exe
2015-07-21 11:40 - 2015-03-04 11:31 - 00808960 _____ () C:\Users\Georgii\AppData\Local\Temp\isdkOxD5PLpU\ISightSDK.DLL
2015-07-12 16:21 - 2015-07-12 16:21 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-12 16:21 - 2015-07-12 16:21 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-18 11:05 - 2015-07-18 11:05 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071700\algo.dll
2015-07-20 12:53 - 2015-07-20 12:53 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15072000\algo.dll
2013-10-20 02:53 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-07-21 11:39 - 2015-07-21 11:39 - 00043008 _____ () c:\users\georgii\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn10yig.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-06-16 11:13 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-06-16 11:13 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-16 11:13 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-07-12 16:21 - 2015-07-12 16:21 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-20 03:21 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-07-16 15:57 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-16 15:57 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 31.168.224.106 - 5.135.12.52
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A81232C3-360A-41E0-B1BD-336695ED6F53}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{B0EA15AC-0B3F-4CC1-8B8A-AED50AEC491C}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{C355B43A-83DA-458C-91C0-4DEE561D5E5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{EBFD35F3-58F4-43AB-8363-328E4CB9FECA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{3BC2AF59-F005-41C4-B18A-7730FCADC7A6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{388C98C3-B336-4132-99B8-4D5A80DCA78D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{237A0D78-0D97-4261-B971-9AE100F94E06}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{D00116D6-17E9-4727-AA8A-6754E6E7E4BC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{91A02123-CACE-4710-9D2F-A6C270AC6145}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{9B3854A3-B690-4A6C-8D45-570581C770AD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{568C0A7B-4FE8-4F31-A205-4CDFF5B014E0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{EA368DC2-86E0-4387-A7AC-C51CD044F48F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{742AFC4C-D852-4C0F-922F-893352805204}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{BF9FE63C-5284-4B3B-9179-25A0CCF9E525}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{6AD24B85-C5E7-467C-B918-05AE05B9C179}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{65EC4349-4255-4A52-9402-D7372D7BE493}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{781D6248-2A34-419E-8DCF-76D7BCC7492B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{15AB4E5B-B0D0-43CD-9FCD-BE7127FCB56B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{93D150B7-7E25-4FE0-9C67-D99E3A2515D8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{E7DCC9D2-1AF8-4633-8039-1E28E99F5569}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{E0887C42-1AEF-423C-8F23-13766071360A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{1D358BAF-D456-4FAE-955A-A9B15367A12E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{A718DAFF-2AA0-4617-AF11-DDF54DCE0004}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{6E7DB763-86AA-4246-A246-28DDD65C110A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{547A478A-BE44-4518-A89B-3874AB95C539}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{01317D40-9D84-4A73-835E-777239376466}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{3F8F9FCF-E9EF-4F1E-A4B9-C130C6A6E397}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{F0AE1322-C4A4-4825-8996-8E0F47091FFC}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{AF701AC7-D124-42C7-AC82-8145972C1C77}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{42621261-CF6A-4C84-B2BA-0A6985D5F3C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{69742512-F944-475E-B8FA-24823C70382D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{A9D18FBF-83D5-420B-A84C-5CF2C39A30F0}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{8B0AFA78-BFB7-4569-AC0B-323990001322}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{F595700C-D6A8-4699-A445-92F7BE668519}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{99F9371C-73DE-470A-B26B-5015E49E10B0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{6638338B-EB8F-4CEF-8C22-C2AC67612CA6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{3740A403-3B6B-46F7-A1F4-1309C2A9549F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{278134A7-4753-4FEA-9E5D-30B6ECBE86D4}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{7590F329-47FD-4D71-A63E-3EF82C3C7EE9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{26EA1F64-0A4F-4728-BDD3-62419A694917}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{FA6AA058-A377-46C3-935A-5B41E8601646}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{B56F0656-356C-4F2C-9082-2C5E00FE2323}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{20010152-8F6D-4EB4-8762-F4086AF2FD3A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{ACA47AD9-AEC9-4853-B7E0-EA1558771EBF}] => (Allow) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8F9F4BA9-FBB0-4F73-A6C3-90D352FF0CE3}] => (Allow) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{B8DE12EB-12D9-4614-AC39-5046614C32C9}C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{D4EA90B6-9715-4062-99D5-533AD2CC4205}C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{72B6FF32-A0C1-40C7-AC82-BEFB165A13F7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{13239438-9911-4E01-9B4A-2154203FB335}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{99782FF7-1F3E-4356-B48F-337DAFA278C7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{53C94F93-6966-4D2D-8B41-D8EFD7B0E275}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{83F046B5-9638-46CC-8E27-A7D01D62504D}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{5FFF3C5D-1436-4112-A6BE-D09EC8D79041}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{1F75CACE-8538-47BE-9DBA-9F187EA82F26}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{8BDD9A3E-762D-4B06-BCAC-5D9A64800A2D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F61E69B7-2AF5-4180-976D-39E13BE5E27D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Update ClearThink since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/20/2015 07:15:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/20/2015 12:07:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: Bei der Aktivierung der App „Microsoft.BingSports_8wekyb3d8bbwe!AppexSports“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/19/2015 08:29:27 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.

Error: (07/19/2015 08:21:18 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.

Error: (07/18/2015 02:19:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 11:04:01 AM) (Source: MsiInstaller) (EventID: 11719) (User: Margoscha)
Description: Produkt: TuneUp Utilities 2014 -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.

Error: (07/18/2015 11:01:34 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (07/18/2015 11:01:32 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


System errors:
=============
Error: (07/20/2015 07:18:33 PM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: Windows.Store

Error: (07/20/2015 01:41:46 PM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/20/2015 01:41:15 PM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/20/2015 12:59:11 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (07/20/2015 12:53:17 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (07/20/2015 12:08:24 PM) (Source: DCOM) (EventID: 10001) (User: Margoscha)
Description: "C:\Windows\System32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.131Windows.Networking.ContentPrefetcher.Internal.ContentPrefetcherTask.ClassId.1Nicht verfügbarNicht verfügbar

Error: (07/19/2015 08:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update ClearThink" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/19/2015 08:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1243

Error: (07/17/2015 03:40:17 AM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/17/2015 03:39:47 AM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office:
=========================
Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Update ClearThink since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/20/2015 07:15:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

Error: (07/20/2015 12:07:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927142

Error: (07/19/2015 08:29:27 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/19/2015 08:21:18 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 02:19:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 11:04:01 AM) (Source: MsiInstaller) (EventID: 11719) (User: Margoscha)
Description: Produkt: TuneUp Utilities 2014 -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 11:01:34 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (07/18/2015 11:01:32 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 6026.27 MB
Available physical RAM: 3399.63 MB
Total Virtual: 9164.42 MB
Available Virtual: 6457.27 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.83 GB) (Free:584.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 944BECE0)

Partition: GPT Partition Type.

==================== End of log ============================

--- --- ---



FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Georgii (administrator) on MARGOSCHA on 21-07-2015 12:00:19
Running from C:\Users\Georgii\Downloads
Loaded Profiles: Georgii (Available Profiles: Georgii)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Dropbox, Inc.) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Web Bar Media) C:\Program Files\WebBar\2.0.5574.22315\wb.exe
() C:\Users\Georgii\AppData\Local\Temp\isdkOxD5PLpU\ISightHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [fst_de_22] => [X]
HKLM-x32\...\Run: [t4pc_en_3] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-12] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-12] (Electronic Arts)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Dropbox Update] => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
Startup: C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frmr_14_37_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzzyBtN1L2XzutAtFtBtFyCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=628351036&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frmr_14_37_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzzyBtN1L2XzutAtFtBtFyCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=628351036&ir=
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna1tPBS7p-JQBlPIYjVhf3WBP9F1qJcKF5DMxql4NMxaEaWxqOXRIRjC7qhNBWllqpLuIWuWtFbKIRNL8v6ljY3JQcR5xcYigiiMPXc5TpHcllf33gHAUXjA7sh8CInOUg,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna1tPBS7p-JQBlPIYjVhf3WBP9F1qJcKF5DMxql4NMxaEaWxqOXRIRjC7qhNBWllqpLuIWuWtFbKIRNL8v6ljY3JQcR5xcYigiiMPXc5TpHcllf33gHAUXjA7sh8CInOVw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=1102708822&ir=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_dsites_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=979804696&ir=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_4&ent=ch_5127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {8E634135-5FDC-4192-8D95-6125AAA50A17} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M786F78DC-B9B7-4E3B-981A-866C227AB312&SearchSource=58&CUI=&UM=6&UP=SPB5EAD95B-7904-4D9D-8784-63056FA64A10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frmr_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzzzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=218498141&ir=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {B2D004DC-5809-4497-ACCD-E4531E66FA12} URL =
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511421146} ->  No File
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-12] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-12] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {3004627E-F8E9-4E8B-909D-316753CBA923} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{930D7CCD-9C61-45EA-AB5D-27DBBAE6643A}: [NameServer] 31.168.224.106,5.135.12.52
Tcpip\..\Interfaces\{930D7CCD-9C61-45EA-AB5D-27DBBAE6643A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B5C0F132-FDAA-4DB0-A56E-475213FE7CD3}: [NameServer] 31.168.224.106,5.135.12.52
Tcpip\..\Interfaces\{B5C0F132-FDAA-4DB0-A56E-475213FE7CD3}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-12]
FF HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test 127 - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2014-01-16]
FF HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-01-16]

Chrome:
=======
CHR Profile: C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Adblock Plus) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-14]
CHR Extension: (Avast SafePrice) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-07-19]
CHR Extension: (Avast Online Security) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR HKLM\...\Chrome\Extension: [ehjldlodmkdlooagebfnaghgmkfccipn] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehjldlodmkdlooagebfnaghgmkfccipn] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files (x86)\mystarttb\chrome-newtab-search.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ehjldlodmkdlooagebfnaghgmkfccipn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-13]
CHR HKLM-x32\...\Chrome\Extension: [jljheddigenhleadfofeccneimcmlefp] - C:\Users\Georgii\AppData\Roaming\speedtest4354\speedtest4354.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-12] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S2 wbsvc; C:\Program Files\WebBar\wbsvc.exe [37144 2015-04-06] (Web Bar Media)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-12] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-12] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 12:00 - 2015-07-21 12:01 - 00028059 _____ C:\Users\Georgii\Downloads\FRST.txt
2015-07-21 11:59 - 2015-07-21 12:00 - 00000000 ____D C:\FRST
2015-07-21 11:59 - 2015-07-21 11:59 - 02135552 _____ (Farbar) C:\Users\Georgii\Downloads\FRST64.exe
2015-07-20 13:22 - 2015-07-21 11:58 - 00127899 _____ C:\Windows\WindowsUpdate.log
2015-07-20 12:50 - 2015-07-20 12:50 - 00001740 _____ C:\Users\Public\Desktop\Defraggler.lnk
2015-07-20 12:50 - 2015-07-20 12:50 - 00000000 ____D C:\Program Files\Defraggler
2015-07-20 12:49 - 2015-07-20 12:50 - 04532776 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\dfsetup219.exe
2015-07-20 12:36 - 2015-07-20 12:36 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-20 12:36 - 2015-07-20 12:36 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-20 12:36 - 2015-07-20 12:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-20 12:35 - 2015-07-20 12:35 - 05329360 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\ccsetup507_slim.exe
2015-07-20 12:33 - 2015-07-20 12:33 - 00359656 _____ (Microsoft Corporation) C:\Users\Georgii\Downloads\msicuu2.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 11:00 - 2015-07-18 11:01 - 00000000 ____D C:\Users\Georgii\AppData\Local\WebBar
2015-07-18 11:00 - 2015-07-18 11:00 - 00003784 _____ C:\Windows\System32\Tasks\WebBarUpdateTask
2015-07-18 11:00 - 2015-07-18 11:00 - 00003260 _____ C:\Windows\System32\Tasks\WebBarLaunchTask
2015-07-18 11:00 - 2015-07-18 11:00 - 00001460 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00001265 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\ProgramData\InstallSightSDK
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files\WebBar
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713.exe
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713 (1).exe
2015-07-16 10:00 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 10:00 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 10:00 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 10:00 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 10:00 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 10:00 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 10:00 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 10:00 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 10:00 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 10:00 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-16 10:00 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-16 10:00 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-16 10:00 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-16 10:00 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-16 10:00 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-16 10:00 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:00 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-16 10:00 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-16 09:59 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 09:59 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 09:59 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 09:59 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 09:59 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 09:59 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 09:59 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-16 09:59 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 09:59 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 09:59 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-16 09:59 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 09:59 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-16 09:59 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-16 09:59 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-16 09:58 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 09:58 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 09:58 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 09:58 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 09:58 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 09:58 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 09:58 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-16 09:58 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 09:58 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-16 09:58 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-16 09:58 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 09:58 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 09:58 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 09:56 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 09:56 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 09:55 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 09:55 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 09:55 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 09:55 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 22:09 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-14 22:09 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 22:08 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 22:08 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 22:08 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 22:08 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-14 22:08 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 22:08 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-14 22:08 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-14 22:08 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 22:08 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 22:08 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 22:08 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 22:08 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-14 22:08 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 22:08 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-14 22:08 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-14 22:08 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 22:08 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-14 22:08 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 22:08 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 22:08 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 22:08 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 22:08 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 22:08 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 22:08 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 22:08 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 22:08 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 22:08 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 16:24 - 2015-07-12 16:24 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\AVAST Software
2015-07-12 16:22 - 2015-07-18 11:04 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-12 16:22 - 2015-07-12 16:22 - 00001942 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-12 16:22 - 2015-07-12 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-12 16:21 - 2015-07-12 16:22 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-12 16:21 - 2015-07-12 16:21 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-12 16:21 - 2015-07-12 16:21 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-12 16:19 - 2015-07-12 16:19 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-12 16:17 - 2015-07-12 16:17 - 05499960 _____ (Avast Software s.r.o.) C:\Users\Georgii\Downloads\avast_free_antivirus_setup_online.exe
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etymonix SoftReel
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\Program Files (x86)\Etymonix
2015-07-10 18:39 - 1997-11-19 16:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-07-10 18:35 - 2015-07-10 18:35 - 01004536 _____ C:\Users\Georgii\Downloads\SoftReel_Setup.exe
2015-07-10 15:27 - 2015-07-10 15:27 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-26 17:22 - 2015-06-26 17:22 - 00000706 _____ C:\Users\Georgii\Downloads\Setup                        .website

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 12:00 - 2014-08-16 14:04 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Skype
2015-07-21 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-21 11:56 - 2015-02-19 13:39 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-21 11:55 - 2014-09-16 11:15 - 00000320 _____ C:\Windows\Tasks\WSE_Astromenda.job
2015-07-21 11:39 - 2015-01-27 18:35 - 00000000 ____D C:\ProgramData\Origin
2015-07-21 11:39 - 2014-06-17 19:50 - 00000000 ___RD C:\Users\Georgii\Dropbox
2015-07-21 11:39 - 2014-03-30 15:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Dropbox
2015-07-21 11:38 - 2015-02-19 13:39 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00005544 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00005544 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00005210 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00004184 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00003494 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-1.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00002472 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5_user.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00002472 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00002136 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00001498 _____ C:\Windows\Tasks\a7774df2-7162-4b37-a238-8fb180a0d9b9.job
2015-07-21 11:38 - 2014-11-28 23:05 - 00004520 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.job
2015-07-21 11:38 - 2014-04-21 19:33 - 00001538 _____ C:\Windows\Tasks\2457c43f-96a8-41ce-8e31-60a4d0f191f9-5.job
2015-07-21 09:26 - 2014-09-20 08:14 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F20CBB1C-9178-44A6-9CDD-4C6809BB27A5}
2015-07-20 20:23 - 2015-06-16 11:11 - 00001252 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA.job
2015-07-20 20:23 - 2015-06-16 11:11 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core.job
2015-07-20 19:58 - 2014-09-14 11:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968757505-1059699835-2356866766-1001
2015-07-20 19:58 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-20 12:41 - 2013-12-29 22:50 - 00000000 ____D C:\Users\Georgii\AppData\Local\CrashDumps
2015-07-20 12:41 - 2013-09-05 16:55 - 00000000 ____D C:\Windows\Panther
2015-07-19 20:20 - 2013-10-20 12:14 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-07-19 20:20 - 2013-10-20 12:14 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-07-19 20:20 - 2013-09-05 16:05 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-19 20:18 - 2015-06-16 11:11 - 00004202 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA
2015-07-19 20:18 - 2015-06-16 11:11 - 00003822 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core
2015-07-19 20:14 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-19 20:14 - 2013-08-22 16:44 - 00414856 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 20:11 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-19 20:09 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 20:09 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 20:09 - 2014-12-18 12:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-19 20:09 - 2014-07-09 22:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-19 20:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-18 11:01 - 2014-07-05 13:23 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\DVDVideoSoft
2015-07-18 11:00 - 2015-05-19 11:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\RPEng
2015-07-16 15:57 - 2015-02-19 13:40 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-16 15:51 - 2015-02-19 13:39 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 15:51 - 2015-02-19 13:39 - 00003874 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 15:27 - 2013-12-29 23:42 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 15:07 - 2014-08-16 14:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 15:07 - 2014-08-16 14:03 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 19:24 - 2015-01-27 18:35 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-12 16:43 - 2014-08-17 13:05 - 00230912 ___SH C:\Users\Georgii\Downloads\Thumbs.db
2015-07-05 12:08 - 2014-01-31 18:32 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2013-12-29 23:42 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-04-21 19:34 - 2014-04-21 19:45 - 0000318 _____ () C:\Users\Georgii\AppData\Roaming\aps.uninstall.scan.results
2014-04-21 21:44 - 2014-11-11 21:55 - 0000103 _____ () C:\Users\Georgii\AppData\Roaming\WB.CFG
2015-02-18 14:33 - 2015-02-18 14:33 - 0000000 _____ () C:\Users\Georgii\AppData\Local\{1F5BB354-C0CA-413F-832C-BC2054E65F40}
2013-10-20 02:56 - 2013-10-20 02:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Georgii\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn10yig.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-17 03:39

==================== End of log ============================

--- --- ---

schrauber 22.07.2015 07:56

Please download Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller panel, look for these programs:

    Open Office 2013 Packages
    Shopping Helper Smartbar
    TV Wizard
    Web Bar 2.0.5574.22315

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on , then on , and then on .

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

russak777 22.07.2015 12:27

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Domain Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Remediation Database, 2015.3.9.1, 2015.7.20.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, IP Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Rootkit Database, 2015.2.25.1, 2015.7.17.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Malware Database, 2015.3.9.5, 2015.7.22.2,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malware Protection, Starting,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malware Protection, Started,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,
Update, 22.07.2015 12:09, SYSTEM, MARGOSCHA, Manual, program, 2.1.6.1022, 2.1.8.0,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopping,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopped,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malware Protection, Stopping,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malware Protection, Stopped,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malware Protection, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malware Protection, Started,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,
Error, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Update, Bad md5 or size: akadomains, 11,
Error, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Update, Bad md5 or size: akaips, 11,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Remediation Database, 2015.5.13.1, 2015.7.20.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, IP Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Rootkit Database, 2015.6.2.1, 2015.7.17.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Domain Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, AKA IP Database, 0.0.0.0, 2015.7.15.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, AKA Domain Database, 0.0.0.0, 2015.7.20.2,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Malware Database, 2015.6.3.3, 2015.7.22.2,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Refresh, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopping,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopped,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Refresh, Success,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,
Scan, 22.07.2015 12:50, SYSTEM, MARGOSCHA, Manual, Start: 22.07.2015 12:13, Dauer: 33 Min. 15 Sek., Bedrohungssuchlauf, Abgeschlossen, 10 Malware-Erkennung, 669 Nicht-Malware-Erkennungen,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malware Protection, Starting,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malware Protection, Started,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,

(end)

AdwCleaner Logfile:
Code:

# AdwCleaner v4.208 - Bericht erstellt 22/07/2015 um 13:08:45
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Georgii - MARGOSCHA
# Gestarted von : C:\Users\Georgii\Downloads\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\TVWizard
Ordner Gelöscht : C:\ProgramData\Media Get LLC
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Allmyapps
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Systweak Support Dock
Ordner Gelöscht : C:\Program Files (x86)\DriverRestore
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\StormFall
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Gameo
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\SetMyHomePage
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gelöscht : C:\Users\Georgii\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Georgii\Documents\PC Speed Maximizer
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Georgii\daemonprocess.txt
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Georgii\Desktop\Goodgame Empire.lnk

***** [ Geplante Tasks ] *****

Task Gelöscht : LaunchApp
Task Gelöscht : LaunchSignup
Task Gelöscht : Optimizer Pro Schedule
Task Gelöscht : pricemeterdownloader
Task Gelöscht : a7774df2-7162-4b37-a238-8fb180a0d9b9

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575579}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576679}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575579}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576679}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\ClickConnect
Schlüssel Gelöscht : HKCU\Software\eSupport.com
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Media Get LLC
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Tuto4PC
Schlüssel Gelöscht : HKCU\Software\DriverRestore
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : HKLM\SOFTWARE\WinUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\SI-App
Schlüssel Gelöscht : HKLM\SOFTWARE\RST
Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Google Chrome v44.0.2403.89

[C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://Lasaoren.com/?f=1&a=lrn_dsites_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=979804696&ir=

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [13103 Bytes] - [22/07/2015 13:07:38]
AdwCleaner[S0].txt - [11254 Bytes] - [22/07/2015 13:08:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11314  Bytes] ##########

--- --- ---

JRT Logfile:
Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 8.1 x64
Ran by Georgii on 22.07.2015 at 13:15:53,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511421146}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511421146}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update ClearThink
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update SmarterPower
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util SmarterPower



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\Georgii\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Georgii\AppData\Roaming\goldengate
Successfully deleted: [Folder] C:\Users\Georgii\AppData\Roaming\nico mak computing



~~~ Chrome


[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  booedmolknjekdopkepjjeckmjkdpfgl,
  ehjldlodmkdlooagebfnaghgmkfccipn,
  flpcjncodpafbgdpnkljologafpionhb,
  ifohbjbgfchkkfhphahclmkpgejiplfo,
  jljheddigenhleadfofeccneimcmlefp,
  pfkfdlcdbajamklbneflfbcmfgddmpae
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.07.2015 at 13:25:39,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

schrauber 23.07.2015 07:06


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Check the box for Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems? :)

russak777 23.07.2015 09:35

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=init
# utc_time=2015-07-23 07:54:14
# local_time=2015-07-23 09:54:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 24935
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=updated
# utc_time=2015-07-23 08:00:34
# local_time=2015-07-23 10:00:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# engine=24935
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-23 08:02:12
# local_time=2015-07-23 10:02:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=771 16777213 66 68 924892 927656 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 927677 14720924 0 0
# scanned=1720
# found=0
# cleaned=0
# scan_time=98
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=init
# utc_time=2015-07-23 08:04:31
# local_time=2015-07-23 10:04:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24935
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=updated
# utc_time=2015-07-23 08:04:48
# local_time=2015-07-23 10:04:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# engine=24935
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-23 08:16:09
# local_time=2015-07-23 10:16:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=771 16777213 66 68 925729 928493 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 928514 14721761 0 0
# scanned=14369
# found=0
# cleaned=0
# scan_time=680

Results of screen317's Security Check version 1.004
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014 (de-DE)
Google Chrome (43.0.2357.134)
Google Chrome (44.0.2403.89)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng ngservice.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

I have another question: it still hasn't gotten any faster, and it hangs when typing.
Surfing still doesn't really work properly; I installed an ad blocker in Chrome, but it doesn't work.

schrauber 23.07.2015 17:28

The fresh FRST log is still missing.

Quote:

I have another question: it still hasn't gotten any faster, and it hangs when typing.
Surfing still doesn't really work properly; I installed an ad blocker in Chrome, but it doesn't work.
:wtf:
I had to read that 3 times just now...

russak777 30.07.2015 10:57

I wanted to ask: my ad blocker isn't working.


FRST Logfile:
Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Georgii (Administrator) auf MARGOSCHA (30-07-2015 11:55:30)
Gestartet von C:\Users\Georgii\Downloads
Geladene Profile: Georgii (Verfügbare Profile: Georgii)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Georgii\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-12] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-12] (Electronic Arts)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Dropbox Update] => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
Startup: C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {B2D004DC-5809-4497-ACCD-E4531E66FA12} URL =
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-12] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{930D7CCD-9C61-45EA-AB5D-27DBBAE6643A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B5C0F132-FDAA-4DB0-A56E-475213FE7CD3}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-12]

Chrome:
=======
CHR Profile: C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Adblock Plus) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-14]
CHR Extension: (Avast SafePrice) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-07-19]
CHR Extension: (Avast Online Security) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-12] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-12] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-12] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 11:55 - 2015-07-30 11:55 - 02169856 _____ (Farbar) C:\Users\Georgii\Downloads\FRST64 (1).exe
2015-07-30 11:33 - 2015-07-30 11:33 - 00000000 ____D C:\Windows\LastGood
2015-07-30 10:58 - 2015-07-30 10:58 - 01627424 _____ C:\Users\Georgii\Downloads\setup_Mueller_Fotowelt.exe
2015-07-30 10:25 - 2015-07-30 10:25 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-23 10:22 - 2015-07-23 10:22 - 00852662 _____ C:\Users\Georgii\Downloads\SecurityCheck.exe
2015-07-23 09:52 - 2015-07-23 09:52 - 02870984 _____ (ESET) C:\Users\Georgii\Downloads\esetsmartinstaller_deu.exe
2015-07-22 13:25 - 2015-07-22 13:25 - 00003489 _____ C:\Users\Georgii\Desktop\JRT.txt
2015-07-22 13:15 - 2015-07-22 13:15 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Georgii\Downloads\JRT.exe
2015-07-22 13:04 - 2015-07-22 13:04 - 00003796 _____ C:\lolk.txt
2015-07-22 13:03 - 2015-07-22 12:53 - 00011322 _____ C:\lol.xml
2015-07-22 12:56 - 2015-07-22 13:09 - 00000000 ____D C:\AdwCleaner
2015-07-22 12:28 - 2015-07-22 12:28 - 02248704 _____ C:\Users\Georgii\Downloads\AdwCleaner_4.208.exe
2015-07-22 12:07 - 2015-07-22 12:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-22 12:06 - 2015-07-22 12:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Georgii\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-22 11:44 - 2015-07-22 11:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Georgii\Downloads\revosetup95.exe
2015-07-22 11:44 - 2015-07-22 11:44 - 00001288 _____ C:\Users\Georgii\Desktop\Revo Uninstaller.lnk
2015-07-22 11:44 - 2015-07-22 11:44 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-22 11:32 - 2015-07-30 11:34 - 00001984 _____ C:\Windows\setupact.log
2015-07-22 11:32 - 2015-07-22 11:32 - 00000000 _____ C:\Windows\setuperr.log
2015-07-22 11:29 - 2015-07-30 11:31 - 00117670 _____ C:\Windows\PFRO.log
2015-07-21 14:28 - 2015-07-30 11:54 - 00313193 _____ C:\Windows\WindowsUpdate.log
2015-07-21 12:02 - 2015-07-21 12:03 - 00039958 _____ C:\Users\Georgii\Downloads\Addition.txt
2015-07-21 12:00 - 2015-07-30 11:55 - 00020549 _____ C:\Users\Georgii\Downloads\FRST.txt
2015-07-21 11:59 - 2015-07-30 11:55 - 00000000 ____D C:\FRST
2015-07-21 11:59 - 2015-07-21 11:59 - 02135552 _____ (Farbar) C:\Users\Georgii\Downloads\FRST64.exe
2015-07-20 19:26 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:26 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 19:26 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:26 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 12:50 - 2015-07-20 12:50 - 00001740 _____ C:\Users\Public\Desktop\Defraggler.lnk
2015-07-20 12:50 - 2015-07-20 12:50 - 00000000 ____D C:\Program Files\Defraggler
2015-07-20 12:49 - 2015-07-20 12:50 - 04532776 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\dfsetup219.exe
2015-07-20 12:36 - 2015-07-20 12:36 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-20 12:36 - 2015-07-20 12:36 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-20 12:36 - 2015-07-20 12:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-20 12:35 - 2015-07-20 12:35 - 05329360 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\ccsetup507_slim.exe
2015-07-20 12:33 - 2015-07-20 12:33 - 00359656 _____ (Microsoft Corporation) C:\Users\Georgii\Downloads\msicuu2.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 11:00 - 2015-07-18 11:00 - 00001460 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00001265 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713.exe
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713 (1).exe
2015-07-16 10:00 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 10:00 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 10:00 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 10:00 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 10:00 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 10:00 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 10:00 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 10:00 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 10:00 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 10:00 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-16 10:00 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-16 10:00 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-16 10:00 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-16 10:00 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-16 10:00 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-16 10:00 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:00 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-16 10:00 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-16 09:59 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 09:59 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 09:59 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 09:59 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 09:59 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 09:59 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 09:59 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-16 09:59 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 09:59 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 09:59 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-16 09:59 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 09:59 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-16 09:59 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-16 09:59 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-16 09:58 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 09:58 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 09:58 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 09:58 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 09:58 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 09:58 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 09:58 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 09:58 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 09:58 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 09:56 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 09:56 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 09:55 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 09:55 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 09:55 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 09:55 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 22:09 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-14 22:09 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 22:08 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 22:08 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 22:08 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 22:08 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-14 22:08 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 22:08 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-14 22:08 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-14 22:08 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 22:08 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 22:08 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 22:08 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 22:08 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-14 22:08 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 22:08 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-14 22:08 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-14 22:08 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 22:08 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-14 22:08 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 22:08 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 22:08 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 22:08 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 22:08 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 22:08 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 22:08 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 22:08 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 22:08 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 22:08 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 16:24 - 2015-07-12 16:24 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\AVAST Software
2015-07-12 16:22 - 2015-07-22 13:11 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-12 16:22 - 2015-07-12 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-12 16:21 - 2015-07-12 16:22 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-12 16:21 - 2015-07-12 16:21 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-12 16:21 - 2015-07-12 16:21 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-12 16:19 - 2015-07-12 16:19 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-12 16:17 - 2015-07-12 16:17 - 05499960 _____ (Avast Software s.r.o.) C:\Users\Georgii\Downloads\avast_free_antivirus_setup_online.exe
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etymonix SoftReel
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\Program Files (x86)\Etymonix
2015-07-10 18:39 - 1997-11-19 16:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-07-10 18:35 - 2015-07-10 18:35 - 01004536 _____ C:\Users\Georgii\Downloads\SoftReel_Setup.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 11:56 - 2015-02-19 13:39 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-30 11:55 - 2014-08-16 14:04 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Skype
2015-07-30 11:38 - 2013-10-20 12:14 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-07-30 11:38 - 2013-10-20 12:14 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-07-30 11:38 - 2013-09-05 16:05 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-30 11:37 - 2014-09-14 11:04 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968757505-1059699835-2356866766-1001
2015-07-30 11:35 - 2014-06-17 19:50 - 00000000 ___RD C:\Users\Georgii\Dropbox
2015-07-30 11:35 - 2014-03-30 15:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Dropbox
2015-07-30 11:33 - 2013-10-20 02:56 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-07-30 11:32 - 2015-02-19 13:39 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-30 11:32 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-30 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-30 10:59 - 2015-02-19 13:40 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-30 10:25 - 2015-06-16 11:11 - 00001252 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA.job
2015-07-30 10:12 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-30 10:12 - 2014-09-20 08:14 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F20CBB1C-9178-44A6-9CDD-4C6809BB27A5}
2015-07-30 10:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-23 13:31 - 2015-01-27 18:35 - 00000000 ____D C:\ProgramData\Origin
2015-07-22 13:09 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-22 13:08 - 2013-12-28 21:20 - 00000000 ____D C:\Users\Georgii
2015-07-22 13:04 - 2014-08-17 13:05 - 00230912 ___SH C:\Users\Georgii\Downloads\Thumbs.db
2015-07-22 12:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\L2Schemas
2015-07-22 11:32 - 2013-08-22 16:44 - 00413488 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 12:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-20 20:23 - 2015-06-16 11:11 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core.job
2015-07-20 19:58 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-20 12:41 - 2013-12-29 22:50 - 00000000 ____D C:\Users\Georgii\AppData\Local\CrashDumps
2015-07-20 12:41 - 2013-09-05 16:55 - 00000000 ____D C:\Windows\Panther
2015-07-19 20:18 - 2015-06-16 11:11 - 00004202 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA
2015-07-19 20:18 - 2015-06-16 11:11 - 00003822 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core
2015-07-19 20:09 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 20:09 - 2014-12-18 12:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-19 20:09 - 2014-07-09 22:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-18 11:01 - 2014-07-05 13:23 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\DVDVideoSoft
2015-07-18 11:00 - 2015-05-19 11:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\RPEng
2015-07-16 15:51 - 2015-02-19 13:39 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 15:51 - 2015-02-19 13:39 - 00003874 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 15:27 - 2013-12-29 23:42 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 15:07 - 2014-08-16 14:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 15:07 - 2014-08-16 14:03 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 19:24 - 2015-01-27 18:35 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-05 12:08 - 2014-01-31 18:32 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2013-12-29 23:42 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-21 21:44 - 2014-11-11 21:55 - 0000103 _____ () C:\Users\Georgii\AppData\Roaming\WB.CFG
2015-02-18 14:33 - 2015-02-18 14:33 - 0000000 _____ () C:\Users\Georgii\AppData\Local\{1F5BB354-C0CA-413F-832C-BC2054E65F40}
2013-10-20 02:56 - 2013-10-20 02:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Georgii\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzgqigd.dll
C:\Users\Georgii\AppData\Local\Temp\Quarantine.exe
C:\Users\Georgii\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-30 10:30

==================== Ende von log ============================

--- --- ---

schrauber 30.07.2015 18:18

Revo Uninstaller - Download - Filepony
Use it to uninstall Chrome, don't keep any data, let it remove the leftovers, then reinstall.

Then:
https://support.google.com/chrome/answer/3296214?hl=de

