Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Mein Rechner ist sehr sehr langsam, woran kann es liegen und was kann man dagegen tun? (https://www.trojaner-board.de/153562-rechner-sehr-sehr-langsam-woran-liegen-man-dagegen-tun.html)

schrauber 23.05.2014 16:32
Deinstalliere mal alles von Sophos.

russak777 24.05.2014 19:41
Das ist mein Antivirusprogramm. Was mache ich danach?

mfg russak777

jetzt ist die CPU-Auslastung zw. 7 und 18 %. Aber ohne Antivirus ist es doch gefährlich, oder?

schrauber 25.05.2014 18:28
Installier es jetzt nochmal neu, hatte warscheinlich nur nen Schluckauf.

russak777 20.07.2015 11:25
hallo Leute,
ihr kennt euch hier in Vergleich zu mir richtig gut mit Rechnern aus. Kann mir bitte jemand helfen, mein Rechner ist sehr langsam :( selbst beim Tippen muss ich ewig warten bis die Buchstaben kommen :(
Vielen Dank im Voraus.
Gruß

schrauber 21.07.2015 06:48
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


russak777 21.07.2015 11:06
FRST Additions Logfile:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Georgii at 2015-07-21 12:02:15
Running from C:\Users\Georgii\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3968757505-1059699835-2356866766-500 - Administrator - Disabled)
Gast (S-1-5-21-3968757505-1059699835-2356866766-501 - Limited - Disabled)
Georgii (S-1-5-21-3968757505-1059699835-2356866766-1001 - Administrator - Enabled) => C:\Users\Georgii
HomeGroupUser$ (S-1-5-21-3968757505-1059699835-2356866766-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dropbox (HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Etymonix SoftReel (HKLM-x32\...\Etymonix SoftReel) (Version:  - )
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\MyFreeCodec) (Version:  - )
Open Office 2013 Packages (HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Open Office 2013 Packages) (Version:  - ) <==== ATTENTION
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Shopping Helper Smartbar (HKLM-x32\...\{96F1EBE2-6BF6-44E8-84AC-DB577BAD1DD5}) (Version: 11.49.63.16848 - ReSoft Ltd.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
TV Wizard (HKLM-x32\...\TVWizard) (Version: 2.7.35 - Small Island Development) <==== ATTENTION
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Web Bar 2.0.5574.22315 (HKLM\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5574.22315 - Web Bar Media) <==== ATTENTION!
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

05-07-2015 03:16:23 Geplanter Prüfpunkt
10-07-2015 15:18:00 Windows Update
12-07-2015 16:18:34 avast! antivirus system restore point
16-07-2015 15:16:19 Windows Update
20-07-2015 19:58:13 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F43762-3BE7-4B17-90A4-BDDCCBF0FF7A} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5_user => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: {0E7BDD08-CB81-476F-9C22-589BC4FEA189} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {0FD918A5-6307-41B5-9317-67EB4734BDFF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {12EFB127-B6AC-41DB-B505-507F86A7213D} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-7 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.exe <==== ATTENTION
Task: {1EA8F2BE-88B3-4A15-9961-0244FE710749} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {23DD9E66-CC91-476C-ACD1-2CC3C65CF305} - \LaunchSignup No Task File <==== ATTENTION
Task: {24DC50DC-3B7D-4632-918A-89CE490F8665} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {2C6EB95D-06CC-4C6F-9323-704F2F824E40} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {2D67D0A4-2854-4A05-A39E-B7A8B26F568C} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {2D89B63E-FD68-4C04-8CDC-C534C75FA8AA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-12] (Avast Software s.r.o.)
Task: {323E239A-BB86-4AB3-8D3C-6B37B0AEE39F} - \ALUAgent No Task File <==== ATTENTION
Task: {3404E5FB-C766-4DBD-9ED1-1A6303C0FDCC} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: {39F8C479-CC76-4B00-8CB8-4A193C611E87} - \Launch Manager No Task File <==== ATTENTION
Task: {3C305F7D-2312-494E-AF61-1472BF2DBFB9} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-3 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.exe <==== ATTENTION
Task: {46A7A6EC-D9A7-4C61-9832-85A6C42D1DCF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {4C69BD98-BD4E-43DC-822C-FD00D14D5E63} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {4CA71155-728E-41E0-B523-32111BF473BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {5405E5C1-2D08-4354-AC5C-BC15D886B5FD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {73EF5D4C-0215-4431-905D-BB5C2B09D37F} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-11 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.exe <==== ATTENTION
Task: {791B4282-4D72-4D72-B21B-71974785A94D} - \AcerCloud No Task File <==== ATTENTION
Task: {7F7B0B66-3357-4FE3-B32C-199AD04400A6} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe [2015-04-06] (Web Bar Media) <==== ATTENTION
Task: {864F00DF-C56A-4DE3-B8B2-DAF5802E9258} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {89F36C11-277E-4949-B39D-3020DA4EC1E3} - \2457c43f-96a8-41ce-8e31-60a4d0f191f9-5 No Task File <==== ATTENTION
Task: {92334DDA-2094-4557-A5A5-69C3A6CEABF0} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-4 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.exe <==== ATTENTION
Task: {AA6D6AE8-9D5A-48DB-A020-7C751ED5B7FE} - \ALU No Task File <==== ATTENTION
Task: {B2CD3B4D-5841-4369-80E3-43E65C6A20D9} - \Quick Access No Task File <==== ATTENTION
Task: {BC14AFF9-72FF-41FD-BED2-A164733D3367} - \Power Management No Task File <==== ATTENTION
Task: {C32A8A0A-0B13-4CFD-999D-15E8A4B56A65} - System32\Tasks\WSE_Astromenda => C:\Users\Georgii\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C84B1DB9-396D-4BEE-94E3-955A97DA82AE} - \AllmyappsUpdateTask No Task File <==== ATTENTION
Task: {D143AC07-17F0-4AD6-AC5D-B9572FA32CD1} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-2 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.exe <==== ATTENTION
Task: {DAAC1ED1-0741-4EA9-8D17-733A381A245D} - \LaunchApp No Task File <==== ATTENTION
Task: {E1D28045-4085-4BA0-AD60-27A448559990} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-1 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\HQ Pro Video 1.6V28.11-codedownloader.exe <==== ATTENTION
Task: {E270B083-7CDB-4F4C-86AA-0C1285644589} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe [2015-04-06] (Web Bar Media) <==== ATTENTION
Task: {E63EF40D-017F-4622-8EC0-E2FA77CD9FA0} - \Optimize Start Menu Cache Files-S-1-5-21-3968757505-1059699835-2356866766-500 No Task File <==== ATTENTION
Task: {EA2DD0A2-C50F-41F5-AB67-B535D05AD382} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {F13AE673-2E31-4D01-9784-2A15D495B1C3} - System32\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-6 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.exe <==== ATTENTION
Task: {FFC9F600-E439-4C67-9E0D-520A92677A56} - System32\Tasks\a7774df2-7162-4b37-a238-8fb180a0d9b9 => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\a7774df2-7162-4b37-a238-8fb180a0d9b9.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\2457c43f-96a8-41ce-8e31-60a4d0f191f9-5.job => C:\Program Files (x86)\MediaPlayerplus\2457c43f-96a8-41ce-8e31-60a4d0f191f9-5.exeȾ/UcuUkKW /xDkDNs='MediaPlayerplus' /LstTf=54246 /lmOea='001359' /guJbCPeTJ='verticals-ads,intext,shopping,pops' /AhcLHiII='0' /PnhQjAYA=3BEE695DA735428B91DCA7ADE0688B85IE /nMPXg=9b1ce6126d31ca8cdee7f7ca80aa4c66 /HJZbfSZY=1_34_04_10 /iyObc=1398101585 /KEemr=http:/stats.clientdemocloud.com /XWOgJrQI=http:/errors.clientdemocloud.com /XlBCPpuKk=http:/ipgeoapi.com/ /rBXJlS=http:/update.clientdemocloud.com /WFRdx=2 /KHaYT=http:/logs.clientdemocloud.com /AeslT='http:/update.clientdemocloud.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a7774df2-7162-4b37-a238-8fb180a0d9b9.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\a7774df2-7162-4b37-a238-8fb180a0d9b9.exeȥ/agentregpath='HQ Pro Video 1.6V28.11' /appid=65779 /srcid='001874' /subid='0' /zdata='0' /bic=3BEE695DA735428B91DCA7ADE0688B85IE /verifier=9b1ce6126d31ca8cdee7f7ca80aa4c66 /installerversion=1_35_11_26 /installationtime=1417208747 /statsdomain=http:/stats.newstaticclientstack.com /errorsdomain=http:/errors.newstaticclientstack.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http:/logs.newstaticclientstack.com <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-1.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\HQ Pro Video 1.6V28.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5_user.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.job => C:\Program Files (x86)\HQ Pro Video 1.6V28.11\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core.job => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA.job => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WSE_Astromenda.job => 0x03060100C9F870BDBDE2BB4AB50A3FBDC152EB9946000E010000000044440000200000000014730F020007800013040020208021DF070700020015000B003700000044000000400043003A005C00550073006500720073005C00470065006F0072006700690069005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C005700530045005F00410053007E0031005C005500500044004100540045007E0031005C005500500044004100540045007E0031002E00450058004500000007002F0043006800650063006B000000000012004D006100720067006F0073006300680061005C00470065006F00720067006900690000000000000008000000000000000000010030000000D7070800070000000000000000003700A00500003C0000000000000001000000010000000000000000000000

==================== Loaded Modules (Whitelisted) ==============

2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-09-03 21:45 - 2013-09-03 21:45 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-07-18 11:00 - 2015-03-04 11:31 - 00808960 _____ () C:\Program Files\WebBar\2.0.5574.22315\ISightSDK_x64.dll
2015-07-21 11:40 - 2015-07-21 11:40 - 00003072 _____ () C:\Users\Georgii\AppData\Local\Temp\isdkOxD5PLpU\ISightHost.exe
2015-07-21 11:40 - 2015-03-04 11:31 - 00808960 _____ () C:\Users\Georgii\AppData\Local\Temp\isdkOxD5PLpU\ISightSDK.DLL
2015-07-12 16:21 - 2015-07-12 16:21 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-12 16:21 - 2015-07-12 16:21 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-18 11:05 - 2015-07-18 11:05 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071700\algo.dll
2015-07-20 12:53 - 2015-07-20 12:53 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15072000\algo.dll
2013-10-20 02:53 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-01-27 18:36 - 2015-07-12 19:22 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-07-21 11:39 - 2015-07-21 11:39 - 00043008 _____ () c:\users\georgii\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn10yig.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-06-16 11:13 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-06-16 11:13 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-16 11:13 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Georgii\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-07-12 16:21 - 2015-07-12 16:21 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-20 03:21 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-07-16 15:57 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-16 15:57 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 31.168.224.106 - 5.135.12.52
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A81232C3-360A-41E0-B1BD-336695ED6F53}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{B0EA15AC-0B3F-4CC1-8B8A-AED50AEC491C}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{C355B43A-83DA-458C-91C0-4DEE561D5E5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{EBFD35F3-58F4-43AB-8363-328E4CB9FECA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{3BC2AF59-F005-41C4-B18A-7730FCADC7A6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{388C98C3-B336-4132-99B8-4D5A80DCA78D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{237A0D78-0D97-4261-B971-9AE100F94E06}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{D00116D6-17E9-4727-AA8A-6754E6E7E4BC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{91A02123-CACE-4710-9D2F-A6C270AC6145}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{9B3854A3-B690-4A6C-8D45-570581C770AD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{568C0A7B-4FE8-4F31-A205-4CDFF5B014E0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{EA368DC2-86E0-4387-A7AC-C51CD044F48F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{742AFC4C-D852-4C0F-922F-893352805204}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{BF9FE63C-5284-4B3B-9179-25A0CCF9E525}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{6AD24B85-C5E7-467C-B918-05AE05B9C179}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{65EC4349-4255-4A52-9402-D7372D7BE493}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{781D6248-2A34-419E-8DCF-76D7BCC7492B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{15AB4E5B-B0D0-43CD-9FCD-BE7127FCB56B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{93D150B7-7E25-4FE0-9C67-D99E3A2515D8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{E7DCC9D2-1AF8-4633-8039-1E28E99F5569}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{E0887C42-1AEF-423C-8F23-13766071360A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{1D358BAF-D456-4FAE-955A-A9B15367A12E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{A718DAFF-2AA0-4617-AF11-DDF54DCE0004}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{6E7DB763-86AA-4246-A246-28DDD65C110A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{547A478A-BE44-4518-A89B-3874AB95C539}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{01317D40-9D84-4A73-835E-777239376466}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{3F8F9FCF-E9EF-4F1E-A4B9-C130C6A6E397}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{F0AE1322-C4A4-4825-8996-8E0F47091FFC}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{AF701AC7-D124-42C7-AC82-8145972C1C77}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{42621261-CF6A-4C84-B2BA-0A6985D5F3C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{69742512-F944-475E-B8FA-24823C70382D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{A9D18FBF-83D5-420B-A84C-5CF2C39A30F0}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{8B0AFA78-BFB7-4569-AC0B-323990001322}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{F595700C-D6A8-4699-A445-92F7BE668519}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{99F9371C-73DE-470A-B26B-5015E49E10B0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{6638338B-EB8F-4CEF-8C22-C2AC67612CA6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{3740A403-3B6B-46F7-A1F4-1309C2A9549F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{278134A7-4753-4FEA-9E5D-30B6ECBE86D4}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{7590F329-47FD-4D71-A63E-3EF82C3C7EE9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{26EA1F64-0A4F-4728-BDD3-62419A694917}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{FA6AA058-A377-46C3-935A-5B41E8601646}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{B56F0656-356C-4F2C-9082-2C5E00FE2323}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{20010152-8F6D-4EB4-8762-F4086AF2FD3A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{ACA47AD9-AEC9-4853-B7E0-EA1558771EBF}] => (Allow) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8F9F4BA9-FBB0-4F73-A6C3-90D352FF0CE3}] => (Allow) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{B8DE12EB-12D9-4614-AC39-5046614C32C9}C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{D4EA90B6-9715-4062-99D5-533AD2CC4205}C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\georgii\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{72B6FF32-A0C1-40C7-AC82-BEFB165A13F7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{13239438-9911-4E01-9B4A-2154203FB335}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{99782FF7-1F3E-4356-B48F-337DAFA278C7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{53C94F93-6966-4D2D-8B41-D8EFD7B0E275}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{83F046B5-9638-46CC-8E27-A7D01D62504D}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{5FFF3C5D-1436-4112-A6BE-D09EC8D79041}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{1F75CACE-8538-47BE-9DBA-9F187EA82F26}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{8BDD9A3E-762D-4B06-BCAC-5D9A64800A2D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F61E69B7-2AF5-4180-976D-39E13BE5E27D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Update ClearThink since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/20/2015 07:15:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/20/2015 12:07:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: Bei der Aktivierung der App „Microsoft.BingSports_8wekyb3d8bbwe!AppexSports“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/19/2015 08:29:27 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.

Error: (07/19/2015 08:21:18 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.

Error: (07/18/2015 02:19:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 11:04:01 AM) (Source: MsiInstaller) (EventID: 11719) (User: Margoscha)
Description: Produkt: TuneUp Utilities 2014 -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.

Error: (07/18/2015 11:01:34 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (07/18/2015 11:01:32 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


System errors:
=============
Error: (07/20/2015 07:18:33 PM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: Windows.Store

Error: (07/20/2015 01:41:46 PM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/20/2015 01:41:15 PM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/20/2015 12:59:11 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (07/20/2015 12:53:17 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (07/20/2015 12:08:24 PM) (Source: DCOM) (EventID: 10001) (User: Margoscha)
Description: "C:\Windows\System32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.131Windows.Networking.ContentPrefetcher.Internal.ContentPrefetcherTask.ClassId.1Nicht verfügbarNicht verfügbar

Error: (07/19/2015 08:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update ClearThink" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/19/2015 08:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1243

Error: (07/17/2015 03:40:17 AM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/17/2015 03:39:47 AM) (Source: DCOM) (EventID: 10010) (User: Margoscha)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office:
=========================
Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Update ClearThink since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/20/2015 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/20/2015 07:15:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

Error: (07/20/2015 12:07:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Margoscha)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927142

Error: (07/19/2015 08:29:27 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/19/2015 08:21:18 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 02:19:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 11:04:01 AM) (Source: MsiInstaller) (EventID: 11719) (User: Margoscha)
Description: Produkt: TuneUp Utilities 2014 -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 11:01:34 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (07/18/2015 11:01:32 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 6026.27 MB
Available physical RAM: 3399.63 MB
Total Virtual: 9164.42 MB
Available Virtual: 6457.27 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.83 GB) (Free:584.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 944BECE0)

Partition: GPT Partition Type.

==================== End of log ============================
--- --- ---

--- --- ---



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Georgii (administrator) on MARGOSCHA on 21-07-2015 12:00:19
Running from C:\Users\Georgii\Downloads
Loaded Profiles: Georgii (Available Profiles: Georgii)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Dropbox, Inc.) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Web Bar Media) C:\Program Files\WebBar\2.0.5574.22315\wb.exe
() C:\Users\Georgii\AppData\Local\Temp\isdkOxD5PLpU\ISightHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [fst_de_22] => [X]
HKLM-x32\...\Run: [t4pc_en_3] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-12] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-12] (Electronic Arts)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Dropbox Update] => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
Startup: C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frmr_14_37_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzzyBtN1L2XzutAtFtBtFyCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=628351036&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frmr_14_37_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzzyBtN1L2XzutAtFtBtFyCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=628351036&ir=
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna1tPBS7p-JQBlPIYjVhf3WBP9F1qJcKF5DMxql4NMxaEaWxqOXRIRjC7qhNBWllqpLuIWuWtFbKIRNL8v6ljY3JQcR5xcYigiiMPXc5TpHcllf33gHAUXjA7sh8CInOUg,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna1tPBS7p-JQBlPIYjVhf3WBP9F1qJcKF5DMxql4NMxaEaWxqOXRIRjC7qhNBWllqpLuIWuWtFbKIRNL8v6ljY3JQcR5xcYigiiMPXc5TpHcllf33gHAUXjA7sh8CInOVw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=1102708822&ir=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_dsites_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=979804696&ir=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_4&ent=ch_5127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {8E634135-5FDC-4192-8D95-6125AAA50A17} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M786F78DC-B9B7-4E3B-981A-866C227AB312&SearchSource=58&CUI=&UM=6&UP=SPB5EAD95B-7904-4D9D-8784-63056FA64A10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frmr_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzzzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=218498141&ir=
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {B2D004DC-5809-4497-ACCD-E4531E66FA12} URL =
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511421146} ->  No File
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-12] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-12] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {3004627E-F8E9-4E8B-909D-316753CBA923} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{930D7CCD-9C61-45EA-AB5D-27DBBAE6643A}: [NameServer] 31.168.224.106,5.135.12.52
Tcpip\..\Interfaces\{930D7CCD-9C61-45EA-AB5D-27DBBAE6643A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B5C0F132-FDAA-4DB0-A56E-475213FE7CD3}: [NameServer] 31.168.224.106,5.135.12.52
Tcpip\..\Interfaces\{B5C0F132-FDAA-4DB0-A56E-475213FE7CD3}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-12]
FF HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test 127 - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2014-01-16]
FF HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\Georgii\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-01-16]

Chrome:
=======
CHR Profile: C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Adblock Plus) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-14]
CHR Extension: (Avast SafePrice) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-07-19]
CHR Extension: (Avast Online Security) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR HKLM\...\Chrome\Extension: [ehjldlodmkdlooagebfnaghgmkfccipn] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehjldlodmkdlooagebfnaghgmkfccipn] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files (x86)\mystarttb\chrome-newtab-search.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ehjldlodmkdlooagebfnaghgmkfccipn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-13]
CHR HKLM-x32\...\Chrome\Extension: [jljheddigenhleadfofeccneimcmlefp] - C:\Users\Georgii\AppData\Roaming\speedtest4354\speedtest4354.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-12] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S2 wbsvc; C:\Program Files\WebBar\wbsvc.exe [37144 2015-04-06] (Web Bar Media)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-12] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-12] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 12:00 - 2015-07-21 12:01 - 00028059 _____ C:\Users\Georgii\Downloads\FRST.txt
2015-07-21 11:59 - 2015-07-21 12:00 - 00000000 ____D C:\FRST
2015-07-21 11:59 - 2015-07-21 11:59 - 02135552 _____ (Farbar) C:\Users\Georgii\Downloads\FRST64.exe
2015-07-20 13:22 - 2015-07-21 11:58 - 00127899 _____ C:\Windows\WindowsUpdate.log
2015-07-20 12:50 - 2015-07-20 12:50 - 00001740 _____ C:\Users\Public\Desktop\Defraggler.lnk
2015-07-20 12:50 - 2015-07-20 12:50 - 00000000 ____D C:\Program Files\Defraggler
2015-07-20 12:49 - 2015-07-20 12:50 - 04532776 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\dfsetup219.exe
2015-07-20 12:36 - 2015-07-20 12:36 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-20 12:36 - 2015-07-20 12:36 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-20 12:36 - 2015-07-20 12:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-20 12:35 - 2015-07-20 12:35 - 05329360 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\ccsetup507_slim.exe
2015-07-20 12:33 - 2015-07-20 12:33 - 00359656 _____ (Microsoft Corporation) C:\Users\Georgii\Downloads\msicuu2.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 11:00 - 2015-07-18 11:01 - 00000000 ____D C:\Users\Georgii\AppData\Local\WebBar
2015-07-18 11:00 - 2015-07-18 11:00 - 00003784 _____ C:\Windows\System32\Tasks\WebBarUpdateTask
2015-07-18 11:00 - 2015-07-18 11:00 - 00003260 _____ C:\Windows\System32\Tasks\WebBarLaunchTask
2015-07-18 11:00 - 2015-07-18 11:00 - 00001460 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00001265 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\ProgramData\InstallSightSDK
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files\WebBar
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713.exe
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713 (1).exe
2015-07-16 10:00 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 10:00 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 10:00 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 10:00 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 10:00 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 10:00 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 10:00 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 10:00 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 10:00 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 10:00 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-16 10:00 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-16 10:00 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-16 10:00 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-16 10:00 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-16 10:00 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-16 10:00 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:00 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-16 10:00 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-16 09:59 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 09:59 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 09:59 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 09:59 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 09:59 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 09:59 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 09:59 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-16 09:59 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 09:59 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 09:59 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-16 09:59 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 09:59 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-16 09:59 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-16 09:59 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-16 09:58 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 09:58 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 09:58 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 09:58 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 09:58 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 09:58 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 09:58 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-16 09:58 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 09:58 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-16 09:58 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-16 09:58 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 09:58 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 09:58 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 09:56 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 09:56 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 09:55 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 09:55 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 09:55 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 09:55 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 22:09 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-14 22:09 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 22:08 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 22:08 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 22:08 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 22:08 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-14 22:08 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 22:08 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-14 22:08 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-14 22:08 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 22:08 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 22:08 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 22:08 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 22:08 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-14 22:08 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 22:08 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-14 22:08 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-14 22:08 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 22:08 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-14 22:08 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 22:08 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 22:08 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 22:08 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 22:08 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 22:08 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 22:08 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 22:08 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 22:08 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 22:08 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 16:24 - 2015-07-12 16:24 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\AVAST Software
2015-07-12 16:22 - 2015-07-18 11:04 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-12 16:22 - 2015-07-12 16:22 - 00001942 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-12 16:22 - 2015-07-12 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-12 16:21 - 2015-07-12 16:22 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-12 16:21 - 2015-07-12 16:21 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-12 16:21 - 2015-07-12 16:21 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-12 16:19 - 2015-07-12 16:19 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-12 16:17 - 2015-07-12 16:17 - 05499960 _____ (Avast Software s.r.o.) C:\Users\Georgii\Downloads\avast_free_antivirus_setup_online.exe
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etymonix SoftReel
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\Program Files (x86)\Etymonix
2015-07-10 18:39 - 1997-11-19 16:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-07-10 18:35 - 2015-07-10 18:35 - 01004536 _____ C:\Users\Georgii\Downloads\SoftReel_Setup.exe
2015-07-10 15:27 - 2015-07-10 15:27 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-26 17:22 - 2015-06-26 17:22 - 00000706 _____ C:\Users\Georgii\Downloads\Setup                        .website

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 12:00 - 2014-08-16 14:04 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Skype
2015-07-21 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-21 11:56 - 2015-02-19 13:39 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-21 11:55 - 2014-09-16 11:15 - 00000320 _____ C:\Windows\Tasks\WSE_Astromenda.job
2015-07-21 11:39 - 2015-01-27 18:35 - 00000000 ____D C:\ProgramData\Origin
2015-07-21 11:39 - 2014-06-17 19:50 - 00000000 ___RD C:\Users\Georgii\Dropbox
2015-07-21 11:39 - 2014-03-30 15:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Dropbox
2015-07-21 11:38 - 2015-02-19 13:39 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00005544 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-7.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00005544 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-6.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00005210 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-11.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00004184 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-4.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00003494 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-1.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00002472 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5_user.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00002472 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-5.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00002136 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-2.job
2015-07-21 11:38 - 2014-11-28 23:06 - 00001498 _____ C:\Windows\Tasks\a7774df2-7162-4b37-a238-8fb180a0d9b9.job
2015-07-21 11:38 - 2014-11-28 23:05 - 00004520 _____ C:\Windows\Tasks\b55d5c0e-bd29-49f8-b0b7-a61871569172-3.job
2015-07-21 11:38 - 2014-04-21 19:33 - 00001538 _____ C:\Windows\Tasks\2457c43f-96a8-41ce-8e31-60a4d0f191f9-5.job
2015-07-21 09:26 - 2014-09-20 08:14 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F20CBB1C-9178-44A6-9CDD-4C6809BB27A5}
2015-07-20 20:23 - 2015-06-16 11:11 - 00001252 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA.job
2015-07-20 20:23 - 2015-06-16 11:11 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core.job
2015-07-20 19:58 - 2014-09-14 11:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968757505-1059699835-2356866766-1001
2015-07-20 19:58 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-20 12:41 - 2013-12-29 22:50 - 00000000 ____D C:\Users\Georgii\AppData\Local\CrashDumps
2015-07-20 12:41 - 2013-09-05 16:55 - 00000000 ____D C:\Windows\Panther
2015-07-19 20:20 - 2013-10-20 12:14 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-07-19 20:20 - 2013-10-20 12:14 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-07-19 20:20 - 2013-09-05 16:05 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-19 20:18 - 2015-06-16 11:11 - 00004202 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA
2015-07-19 20:18 - 2015-06-16 11:11 - 00003822 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core
2015-07-19 20:14 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-19 20:14 - 2013-08-22 16:44 - 00414856 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 20:11 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-19 20:09 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 20:09 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 20:09 - 2014-12-18 12:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-19 20:09 - 2014-07-09 22:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-19 20:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-18 11:01 - 2014-07-05 13:23 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\DVDVideoSoft
2015-07-18 11:00 - 2015-05-19 11:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\RPEng
2015-07-16 15:57 - 2015-02-19 13:40 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-16 15:51 - 2015-02-19 13:39 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 15:51 - 2015-02-19 13:39 - 00003874 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 15:27 - 2013-12-29 23:42 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 15:07 - 2014-08-16 14:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 15:07 - 2014-08-16 14:03 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 19:24 - 2015-01-27 18:35 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-12 16:43 - 2014-08-17 13:05 - 00230912 ___SH C:\Users\Georgii\Downloads\Thumbs.db
2015-07-05 12:08 - 2014-01-31 18:32 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2013-12-29 23:42 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-04-21 19:34 - 2014-04-21 19:45 - 0000318 _____ () C:\Users\Georgii\AppData\Roaming\aps.uninstall.scan.results
2014-04-21 21:44 - 2014-11-11 21:55 - 0000103 _____ () C:\Users\Georgii\AppData\Roaming\WB.CFG
2015-02-18 14:33 - 2015-02-18 14:33 - 0000000 _____ () C:\Users\Georgii\AppData\Local\{1F5BB354-C0CA-413F-832C-BC2054E65F40}
2013-10-20 02:56 - 2013-10-20 02:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Georgii\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn10yig.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-17 03:39

==================== End of log ============================
--- --- ---

schrauber 22.07.2015 07:56
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Open Office 2013 Packages

    Shopping Helper Smartbar

    TV Wizard

    Web Bar 2.0.5574.22315


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

russak777 22.07.2015 12:27
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Domain Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Remediation Database, 2015.3.9.1, 2015.7.20.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, IP Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Rootkit Database, 2015.2.25.1, 2015.7.17.1,
Update, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Manual, Malware Database, 2015.3.9.5, 2015.7.22.2,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malware Protection, Starting,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malware Protection, Started,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:08, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,
Update, 22.07.2015 12:09, SYSTEM, MARGOSCHA, Manual, program, 2.1.6.1022, 2.1.8.0,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopping,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopped,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malware Protection, Stopping,
Protection, 22.07.2015 12:11, SYSTEM, MARGOSCHA, Protection, Malware Protection, Stopped,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malware Protection, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malware Protection, Started,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,
Error, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Update, Bad md5 or size: akadomains, 11,
Error, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Update, Bad md5 or size: akaips, 11,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Remediation Database, 2015.5.13.1, 2015.7.20.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, IP Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Rootkit Database, 2015.6.2.1, 2015.7.17.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Domain Database, 0.0.0.0, 2015.6.12.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, AKA IP Database, 0.0.0.0, 2015.7.15.1,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, AKA Domain Database, 0.0.0.0, 2015.7.20.2,
Update, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Manual, Malware Database, 2015.6.3.3, 2015.7.22.2,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Refresh, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopping,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Stopped,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Refresh, Success,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:12, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,
Scan, 22.07.2015 12:50, SYSTEM, MARGOSCHA, Manual, Start: 22.07.2015 12:13, Dauer: 33 Min. 15 Sek., Bedrohungssuchlauf, Abgeschlossen, 10 Malware-Erkennung, 669 Nicht-Malware-Erkennungen,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malware Protection, Starting,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malware Protection, Started,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Starting,
Protection, 22.07.2015 12:53, SYSTEM, MARGOSCHA, Protection, Malicious Website Protection, Started,

(end)

AdwCleaner Logfile:
Code:
# AdwCleaner v4.208 - Bericht erstellt 22/07/2015 um 13:08:45
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Georgii - MARGOSCHA
# Gestarted von : C:\Users\Georgii\Downloads\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\TVWizard
Ordner Gelöscht : C:\ProgramData\Media Get LLC
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Allmyapps
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Systweak Support Dock
Ordner Gelöscht : C:\Program Files (x86)\DriverRestore
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\StormFall
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Gameo
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\SetMyHomePage
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gelöscht : C:\Users\Georgii\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Georgii\Documents\PC Speed Maximizer
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Georgii\daemonprocess.txt
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Georgii\Desktop\Goodgame Empire.lnk

***** [ Geplante Tasks ] *****

Task Gelöscht : LaunchApp
Task Gelöscht : LaunchSignup
Task Gelöscht : Optimizer Pro Schedule
Task Gelöscht : pricemeterdownloader
Task Gelöscht : a7774df2-7162-4b37-a238-8fb180a0d9b9

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575579}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576679}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575579}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576679}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\ClickConnect
Schlüssel Gelöscht : HKCU\Software\eSupport.com
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Media Get LLC
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Tuto4PC
Schlüssel Gelöscht : HKCU\Software\DriverRestore
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : HKLM\SOFTWARE\WinUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\SI-App
Schlüssel Gelöscht : HKLM\SOFTWARE\RST
Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Google Chrome v44.0.2403.89

[C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://Lasaoren.com/?f=1&a=lrn_dsites_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=979804696&ir=

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [13103 Bytes] - [22/07/2015 13:07:38]
AdwCleaner[S0].txt - [11254 Bytes] - [22/07/2015 13:08:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11314  Bytes] ##########
--- --- ---

AdwCleaner Logfile:
Code:
# AdwCleaner v4.208 - Bericht erstellt 22/07/2015 um 13:08:45
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Georgii - MARGOSCHA
# Gestarted von : C:\Users\Georgii\Downloads\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\TVWizard
Ordner Gelöscht : C:\ProgramData\Media Get LLC
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Allmyapps
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\RegClean Pro
Ordner Gelöscht : C:\Program Files (x86)\Systweak Support Dock
Ordner Gelöscht : C:\Program Files (x86)\DriverRestore
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Georgii\AppData\Local\StormFall
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Gameo
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\SetMyHomePage
Ordner Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gelöscht : C:\Users\Georgii\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Georgii\Documents\PC Speed Maximizer
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Georgii\daemonprocess.txt
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Georgii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Georgii\Desktop\Goodgame Empire.lnk

***** [ Geplante Tasks ] *****

Task Gelöscht : LaunchApp
Task Gelöscht : LaunchSignup
Task Gelöscht : Optimizer Pro Schedule
Task Gelöscht : pricemeterdownloader
Task Gelöscht : a7774df2-7162-4b37-a238-8fb180a0d9b9

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575579}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576679}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575579}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576679}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\ClickConnect
Schlüssel Gelöscht : HKCU\Software\eSupport.com
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Media Get LLC
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Tuto4PC
Schlüssel Gelöscht : HKCU\Software\DriverRestore
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : HKLM\SOFTWARE\WinUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\SI-App
Schlüssel Gelöscht : HKLM\SOFTWARE\RST
Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Google Chrome v44.0.2403.89

[C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://Lasaoren.com/?f=1&a=lrn_dsites_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBtC0B0EzzyD0FtB0FyBtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByE0AtByCyBtDzytG0FzytAzytG0C0D0DyCtGtAyCtCtAtGtCzytB0D0D0B0ByBzztC0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtB0C0F0FyD0AtAtG0EtCtC0BtGyEyEzztCtGzztC0C0BtGzztC0DtDzzzzzztCzyyEyCyD2Q&cr=979804696&ir=

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [13103 Bytes] - [22/07/2015 13:07:38]
AdwCleaner[S0].txt - [11254 Bytes] - [22/07/2015 13:08:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11314  Bytes] ##########
--- --- ---JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 8.1 x64
Ran by Georgii on 22.07.2015 at 13:15:53,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511421146}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511421146}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544424446}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644574479}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update ClearThink
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update SmarterPower
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util SmarterPower



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\Georgii\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Georgii\AppData\Roaming\goldengate
Successfully deleted: [Folder] C:\Users\Georgii\AppData\Roaming\nico mak computing



~~~ Chrome


[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Georgii\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  booedmolknjekdopkepjjeckmjkdpfgl,
  ehjldlodmkdlooagebfnaghgmkfccipn,
  flpcjncodpafbgdpnkljologafpionhb,
  ifohbjbgfchkkfhphahclmkpgejiplfo,
  jljheddigenhleadfofeccneimcmlefp,
  pfkfdlcdbajamklbneflfbcmfgddmpae
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.07.2015 at 13:25:39,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---

schrauber 23.07.2015 07:06

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

russak777 23.07.2015 09:35
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=init
# utc_time=2015-07-23 07:54:14
# local_time=2015-07-23 09:54:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 24935
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=updated
# utc_time=2015-07-23 08:00:34
# local_time=2015-07-23 10:00:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# engine=24935
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-23 08:02:12
# local_time=2015-07-23 10:02:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=771 16777213 66 68 924892 927656 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 927677 14720924 0 0
# scanned=1720
# found=0
# cleaned=0
# scan_time=98
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=init
# utc_time=2015-07-23 08:04:31
# local_time=2015-07-23 10:04:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24935
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# end=updated
# utc_time=2015-07-23 08:04:48
# local_time=2015-07-23 10:04:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a41599fd5a2a93458c03068552b2e6f2
# engine=24935
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-23 08:16:09
# local_time=2015-07-23 10:16:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=771 16777213 66 68 925729 928493 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 928514 14721761 0 0
# scanned=14369
# found=0
# cleaned=0
# scan_time=680

Results of screen317's Security Check version 1.004
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014 (de-DE)
Google Chrome (43.0.2357.134)
Google Chrome (44.0.2403.89)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng ngservice.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

ich habe noch ne frage er ist immer nicht schneller geworden es hängt beim schreiben.
<Surfen geht es immer noch nicht so richtig möglich beim Chrom habe ich mal ad-blocker Instaliert aber es funkzenirt nicht

schrauber 23.07.2015 17:28
Das frische FRST log fehlt noch.

Zitat:
ich habe noch ne frage er ist immer nicht schneller geworden es hängt beim schreiben.
<Surfen geht es immer noch nicht so richtig möglich beim Chrom habe ich mal ad-blocker Instaliert aber es funkzenirt nicht
:wtf:
das musste ich jetzt 3mal lesen...

russak777 30.07.2015 10:57
ich wollte fragen mein Ad-Blocker funkt nicht


FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Georgii (Administrator) auf MARGOSCHA (30-07-2015 11:55:30)
Gestartet von C:\Users\Georgii\Downloads
Geladene Profile: Georgii (Verfügbare Profile: Georgii)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Georgii\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-12] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-12] (Electronic Arts)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [Dropbox Update] => C:\Users\Georgii\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
Startup: C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Georgii\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Georgii\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3968757505-1059699835-2356866766-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {B2D004DC-5809-4497-ACCD-E4531E66FA12} URL =
SearchScopes: HKU\S-1-5-21-3968757505-1059699835-2356866766-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-12] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{930D7CCD-9C61-45EA-AB5D-27DBBAE6643A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B5C0F132-FDAA-4DB0-A56E-475213FE7CD3}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-12]

Chrome:
=======
CHR Profile: C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-15]
CHR Extension: (Adblock Plus) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-14]
CHR Extension: (Avast SafePrice) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-07-19]
CHR Extension: (Avast Online Security) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Georgii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-12] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-12] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-12] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 11:55 - 2015-07-30 11:55 - 02169856 _____ (Farbar) C:\Users\Georgii\Downloads\FRST64 (1).exe
2015-07-30 11:33 - 2015-07-30 11:33 - 00000000 ____D C:\Windows\LastGood
2015-07-30 10:58 - 2015-07-30 10:58 - 01627424 _____ C:\Users\Georgii\Downloads\setup_Mueller_Fotowelt.exe
2015-07-30 10:25 - 2015-07-30 10:25 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-23 10:22 - 2015-07-23 10:22 - 00852662 _____ C:\Users\Georgii\Downloads\SecurityCheck.exe
2015-07-23 09:52 - 2015-07-23 09:52 - 02870984 _____ (ESET) C:\Users\Georgii\Downloads\esetsmartinstaller_deu.exe
2015-07-22 13:25 - 2015-07-22 13:25 - 00003489 _____ C:\Users\Georgii\Desktop\JRT.txt
2015-07-22 13:15 - 2015-07-22 13:15 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Georgii\Downloads\JRT.exe
2015-07-22 13:04 - 2015-07-22 13:04 - 00003796 _____ C:\lolk.txt
2015-07-22 13:03 - 2015-07-22 12:53 - 00011322 _____ C:\lol.xml
2015-07-22 12:56 - 2015-07-22 13:09 - 00000000 ____D C:\AdwCleaner
2015-07-22 12:28 - 2015-07-22 12:28 - 02248704 _____ C:\Users\Georgii\Downloads\AdwCleaner_4.208.exe
2015-07-22 12:07 - 2015-07-22 12:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-22 12:06 - 2015-07-22 12:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Georgii\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-22 11:44 - 2015-07-22 11:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Georgii\Downloads\revosetup95.exe
2015-07-22 11:44 - 2015-07-22 11:44 - 00001288 _____ C:\Users\Georgii\Desktop\Revo Uninstaller.lnk
2015-07-22 11:44 - 2015-07-22 11:44 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-22 11:32 - 2015-07-30 11:34 - 00001984 _____ C:\Windows\setupact.log
2015-07-22 11:32 - 2015-07-22 11:32 - 00000000 _____ C:\Windows\setuperr.log
2015-07-22 11:29 - 2015-07-30 11:31 - 00117670 _____ C:\Windows\PFRO.log
2015-07-21 14:28 - 2015-07-30 11:54 - 00313193 _____ C:\Windows\WindowsUpdate.log
2015-07-21 12:02 - 2015-07-21 12:03 - 00039958 _____ C:\Users\Georgii\Downloads\Addition.txt
2015-07-21 12:00 - 2015-07-30 11:55 - 00020549 _____ C:\Users\Georgii\Downloads\FRST.txt
2015-07-21 11:59 - 2015-07-30 11:55 - 00000000 ____D C:\FRST
2015-07-21 11:59 - 2015-07-21 11:59 - 02135552 _____ (Farbar) C:\Users\Georgii\Downloads\FRST64.exe
2015-07-20 19:26 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:26 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 19:26 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:26 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 12:50 - 2015-07-20 12:50 - 00001740 _____ C:\Users\Public\Desktop\Defraggler.lnk
2015-07-20 12:50 - 2015-07-20 12:50 - 00000000 ____D C:\Program Files\Defraggler
2015-07-20 12:49 - 2015-07-20 12:50 - 04532776 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\dfsetup219.exe
2015-07-20 12:36 - 2015-07-20 12:36 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-20 12:36 - 2015-07-20 12:36 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-20 12:36 - 2015-07-20 12:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-20 12:35 - 2015-07-20 12:35 - 05329360 _____ (Piriform Ltd) C:\Users\Georgii\Downloads\ccsetup507_slim.exe
2015-07-20 12:33 - 2015-07-20 12:33 - 00359656 _____ (Microsoft Corporation) C:\Users\Georgii\Downloads\msicuu2.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-19 20:15 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 11:00 - 2015-07-18 11:00 - 00001460 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00001265 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-07-18 11:00 - 2015-07-18 11:00 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713.exe
2015-07-18 10:59 - 2015-07-18 10:59 - 34950064 _____ (DVDVideoSoft Ltd. ) C:\Users\Georgii\Downloads\FreeYouTubeDownload3.2.60.713 (1).exe
2015-07-16 10:00 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 10:00 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 10:00 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 10:00 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 10:00 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 10:00 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 10:00 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 10:00 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 10:00 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 10:00 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 10:00 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 10:00 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-16 10:00 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-16 10:00 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-16 10:00 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-16 10:00 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 10:00 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:00 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-16 10:00 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-16 10:00 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-16 10:00 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:00 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-16 10:00 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-16 10:00 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-16 10:00 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-16 09:59 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 09:59 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 09:59 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 09:59 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 09:59 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 09:59 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 09:59 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 09:59 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-16 09:59 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 09:59 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 09:59 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-16 09:59 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 09:59 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-16 09:59 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-16 09:59 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-16 09:58 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 09:58 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 09:58 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 09:58 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-16 09:58 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 09:58 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 09:58 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 09:58 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 09:58 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 09:58 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 09:58 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 09:58 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 09:58 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 09:58 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 09:56 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 09:56 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 09:55 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 09:55 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 09:55 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 09:55 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 09:55 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 22:09 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-14 22:09 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 22:08 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 22:08 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 22:08 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 22:08 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 22:08 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-14 22:08 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 22:08 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-14 22:08 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-14 22:08 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 22:08 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 22:08 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 22:08 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 22:08 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 22:08 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-14 22:08 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 22:08 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 22:08 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-14 22:08 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 22:08 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-14 22:08 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-14 22:08 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 22:08 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 22:08 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 22:08 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-14 22:08 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 22:08 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 22:08 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 22:08 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 22:08 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 22:08 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 22:08 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 22:08 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 22:08 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 22:08 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 22:08 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 22:08 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 16:24 - 2015-07-12 16:24 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\AVAST Software
2015-07-12 16:22 - 2015-07-22 13:11 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-12 16:22 - 2015-07-12 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-12 16:21 - 2015-07-12 16:22 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-12 16:21 - 2015-07-12 16:21 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-12 16:21 - 2015-07-12 16:21 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-12 16:21 - 2015-07-12 16:21 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-12 16:19 - 2015-07-12 16:19 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-12 16:17 - 2015-07-12 16:17 - 05499960 _____ (Avast Software s.r.o.) C:\Users\Georgii\Downloads\avast_free_antivirus_setup_online.exe
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etymonix SoftReel
2015-07-10 18:39 - 2015-07-10 18:39 - 00000000 ____D C:\Program Files (x86)\Etymonix
2015-07-10 18:39 - 1997-11-19 16:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-07-10 18:35 - 2015-07-10 18:35 - 01004536 _____ C:\Users\Georgii\Downloads\SoftReel_Setup.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-30 11:56 - 2015-02-19 13:39 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-30 11:55 - 2014-08-16 14:04 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Skype
2015-07-30 11:38 - 2013-10-20 12:14 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-07-30 11:38 - 2013-10-20 12:14 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-07-30 11:38 - 2013-09-05 16:05 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-30 11:37 - 2014-09-14 11:04 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968757505-1059699835-2356866766-1001
2015-07-30 11:35 - 2014-06-17 19:50 - 00000000 ___RD C:\Users\Georgii\Dropbox
2015-07-30 11:35 - 2014-03-30 15:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\Dropbox
2015-07-30 11:33 - 2013-10-20 02:56 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-07-30 11:32 - 2015-02-19 13:39 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-30 11:32 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-30 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-30 10:59 - 2015-02-19 13:40 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-30 10:25 - 2015-06-16 11:11 - 00001252 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA.job
2015-07-30 10:12 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-30 10:12 - 2014-09-20 08:14 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F20CBB1C-9178-44A6-9CDD-4C6809BB27A5}
2015-07-30 10:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-23 13:31 - 2015-01-27 18:35 - 00000000 ____D C:\ProgramData\Origin
2015-07-22 13:09 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-22 13:08 - 2013-12-28 21:20 - 00000000 ____D C:\Users\Georgii
2015-07-22 13:04 - 2014-08-17 13:05 - 00230912 ___SH C:\Users\Georgii\Downloads\Thumbs.db
2015-07-22 12:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\L2Schemas
2015-07-22 11:32 - 2013-08-22 16:44 - 00413488 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 12:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-20 20:23 - 2015-06-16 11:11 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core.job
2015-07-20 19:58 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-20 12:41 - 2013-12-29 22:50 - 00000000 ____D C:\Users\Georgii\AppData\Local\CrashDumps
2015-07-20 12:41 - 2013-09-05 16:55 - 00000000 ____D C:\Windows\Panther
2015-07-19 20:18 - 2015-06-16 11:11 - 00004202 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001UA
2015-07-19 20:18 - 2015-06-16 11:11 - 00003822 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968757505-1059699835-2356866766-1001Core
2015-07-19 20:09 - 2015-04-04 22:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 20:09 - 2014-12-18 12:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-19 20:09 - 2014-07-09 22:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-19 20:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-18 11:01 - 2014-07-05 13:23 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\DVDVideoSoft
2015-07-18 11:00 - 2015-05-19 11:57 - 00000000 ____D C:\Users\Georgii\AppData\Roaming\RPEng
2015-07-16 15:51 - 2015-02-19 13:39 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 15:51 - 2015-02-19 13:39 - 00003874 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 15:27 - 2013-12-29 23:42 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 15:07 - 2014-08-16 14:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 15:07 - 2014-08-16 14:03 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 19:24 - 2015-01-27 18:35 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-05 12:08 - 2014-01-31 18:32 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2013-12-29 23:42 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-21 21:44 - 2014-11-11 21:55 - 0000103 _____ () C:\Users\Georgii\AppData\Roaming\WB.CFG
2015-02-18 14:33 - 2015-02-18 14:33 - 0000000 _____ () C:\Users\Georgii\AppData\Local\{1F5BB354-C0CA-413F-832C-BC2054E65F40}
2013-10-20 02:56 - 2013-10-20 02:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Georgii\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzgqigd.dll
C:\Users\Georgii\AppData\Local\Temp\Quarantine.exe
C:\Users\Georgii\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-30 10:30

==================== Ende von log ============================
--- --- ---

schrauber 30.07.2015 18:18
Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:17 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131