Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows8.1 yoursites123 und omniboxes in den Browsern

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 29.12.2015, 22:55   #1
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Hallo,
im Firefox hatte sich "123search" bzw. "yoursites123" eingenistet.
Habe damit verbundene Programme gesucht und deinstalliert.
Die Firefox-Verknüpfung war auch verändert. Die habe ich gelöscht.
Eine neue Verknüpfung wurde wieder geändert.
Nach erneutem Löschen ist in dieser Hinsicht im Moment Ruhe.
Aktuell taucht im Firefox davon nichts mehr auf. Im Logfile steht aber nochwas davon.

Im MS Internet-Explorer - den ich sehr selten nutze - ist jetzt "omniboxes" die Startseite.
Dagegen habe ich noch nichts gemacht.

Ich nehme an, daß ich mir die Sachen beim Installieren von Freeware-Programmen eingefangen habe - kann es aber nicht genau nachvollziehen.

Unter "TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe" kann ich mir nichts vorstellen.
Ist das relevant?

Gruß Paul

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-12-2015
durchgeführt von Paul (Administrator) auf GIGA (29-12-2015 23:21:49)
Gestartet von C:\Users\Paul\Desktop
Geladene Profile: Paul (Verfügbare Profile: Paul & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(tsvr.com) C:\Users\Paul\AppData\Roaming\TSv\TSvr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(TFuns LIMITED) C:\ProgramData\gWdMg\WdMan.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(RaMMicHaeL) C:\Users\Paul\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-29] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\Paul\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [380416 2015-12-04] (RaMMicHaeL)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [ACDSeeCommanderPro8] => C:\Program Files\ACD Systems\ACDSee Pro\8.0\ACDSeeCommanderPro8.exe [2141192 2015-02-15] ()
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [382976 2013-08-22] (Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\SysWOW64\mscoree.dll [330240 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-29] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AC7336B0-7DA0-41CE-8663-E97D683B24BA}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449845906&z=ca34aef73e66828b21704b9g9z9z2t1b9z8wbtdg6e&from=ient07021&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449845906&z=ca34aef73e66828b21704b9g9z9z2t1b9z8wbtdg6e&from=ient07021&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKU\S-1-5-21-50711351-3327628023-445584072-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-29] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-29] (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc&ts=1450939994&z=6480145fdbb131a95d93927g9z0wceft0cat5t6t6c&from=wpm07173&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933
FF NewTab: hxxp://www.yoursites123.com/newtab/?type=nt&ts=1450939994&z=6480145fdbb131a95d93927g9z0wceft0cat5t6t6c&from=wpm07173&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
FF SelectedSearchEngine: yoursites123
FF Homepage: hxxp://www.yoursites123.com/?type=hp&ts=1449845906&z=ca34aef73e66828b21704b9g9z9z2t1b9z8wbtdg6e&from=ient07021&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-27] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-27] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-50711351-3327628023-445584072-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\searchplugins\yoursites123.xml [2015-12-24]
FF Extension: All-in-One Sidebar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-10-12]
FF Extension: Bulk Image Downloader - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2015-10-12]
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\ALone-live@ya.ru.xpi [2015-10-27]
FF Extension: NoScript - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24]
FF Extension: Image Toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{A4732521-77D9-447E-A557-B279AC923F06}.xpi [2015-11-30]
FF Extension: Status-4-Evar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\status4evar@caligonstudios.com.xpi [2015-12-08]
FF Extension: Tab Mix Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-12-27]
FF Extension: Linkification - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2015-12-28]
FF Extension: Default NewTab - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\default_newtabff@gmail.com [2015-12-24] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\elemhidehelper@adblockplus.org.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-17]
FF Extension: Adblock Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-14]
FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\default_newtabff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\yahooprotected@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-29]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-29] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 IhPul; C:\Users\Paul\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S4 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [172192 2015-12-24] (TODO: <公司名>)
S4 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1666416 2014-12-25] (Crystal Rich Ltd)
R2 WdMan; C:\ProgramData\gWdMg\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-29] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 mlkumidi; C:\Windows\system32\drivers\mlkumidi.sys [55856 2014-08-30] (MusicLab, Inc.)
S3 nika6audio; C:\Windows\System32\Drivers\nika6audio.sys [365456 2015-04-01] (Native Instruments GmbH)
S3 nika6usb; C:\Windows\system32\DRIVERS\nika6usb.sys [83272 2015-04-01] (Native Instruments GmbH)
S3 OV550I; C:\Windows\System32\Drivers\ov550ivx.sys [196992 2008-02-21] (Omnivision Technologies, Inc.)
S4 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2015-02-15] (Padus, Inc.) [Datei ist nicht signiert]
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-01-04] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2015-01-04] (Acronis International GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S4 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 RTHDMIAzAudService; \SystemRoot\system32\drivers\RtHDMIVX.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2060-04-01 16:08 - 2015-10-28 19:50 - 00000000 ____D C:\Users\Paul\Documents\Cubase Projects
2060-04-01 16:00 - 2060-04-01 16:00 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2060-04-01 16:00 - 2060-04-01 16:00 - 00000000 ____D C:\ProgramData\Syncrosoft
2060-04-01 16:00 - 2015-05-13 23:03 - 00000000 ____D C:\ProgramData\eLicenser
2060-04-01 16:00 - 2011-12-14 20:22 - 00030352 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\Drivers\synusb64.sys
2015-12-29 23:21 - 2015-12-29 23:22 - 00029575 _____ C:\Users\Paul\Desktop\FRST.txt
2015-12-29 23:16 - 2015-12-29 23:16 - 00059717 _____ C:\Users\Paul\Desktop\Addition1.txt
2015-12-29 23:15 - 2015-12-29 23:21 - 00000000 ____D C:\FRST
2015-12-29 23:15 - 2015-12-29 23:16 - 00047604 _____ C:\Users\Paul\Desktop\FRST1.txt
2015-12-29 23:14 - 2015-12-29 23:14 - 02370560 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2015-12-29 23:10 - 2015-12-29 23:10 - 00001532 _____ C:\Users\Paul\Desktop\iexplore.exe - Verknüpfung.lnk
2015-12-29 23:09 - 2015-12-29 23:09 - 00001499 _____ C:\Users\Paul\Desktop\firefox.exe - Verknüpfung.lnk
2015-12-29 13:42 - 2015-12-29 13:42 - 00000000 ____D C:\Users\Paul\AppData\Roaming\eCyber
2015-12-29 13:36 - 2015-12-29 15:37 - 00000001 _____ C:\Windows\SysWOW64\de.html
2015-12-24 07:53 - 2015-12-24 07:53 - 00000000 ____D C:\ProgramData\gWdMg
2015-12-24 07:53 - 2015-12-24 07:53 - 00000000 ____D C:\ProgramData\eWdMe
2015-12-24 07:52 - 2015-12-24 07:52 - 02770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe
2015-12-23 09:46 - 2015-12-23 09:47 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2015-12-23 09:46 - 2015-12-23 09:46 - 00001523 _____ C:\Users\Public\Desktop\Free Video to DVD Converter.lnk
2015-12-23 09:46 - 2015-12-23 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-12-23 09:46 - 2015-12-23 09:46 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-12-22 20:09 - 2015-12-23 13:41 - 00534871 _____ C:\Users\Paul\Desktop\DVDCover.cdr
2015-12-22 19:14 - 2015-12-23 10:25 - 00000000 ____D C:\Program Files (x86)\Boilsoft Video Cutter
2015-12-22 18:52 - 2015-12-22 18:52 - 00001171 _____ C:\Users\Public\Desktop\Boilsoft Video Splitter.lnk
2015-12-22 18:52 - 2015-12-22 18:52 - 00001129 _____ C:\Users\Public\Desktop\Boilsoft Video Joiner.lnk
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Boilsoft
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\Program Files (x86)\Boilsoft
2015-12-22 17:39 - 2015-12-22 17:39 - 00002524 _____ C:\Users\Paul\Desktop\Windows 7 USB DVD Download Tool.lnk
2015-12-22 17:39 - 2015-12-22 17:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-12-22 17:39 - 2015-12-22 17:39 - 00000000 ____D C:\Users\Paul\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-12-22 17:03 - 2015-12-22 17:03 - 00001078 _____ C:\Users\Paul\Desktop\Format Factory.lnk
2015-12-22 17:03 - 2015-12-22 17:03 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-12-22 17:03 - 2015-12-22 17:03 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2015-12-21 19:02 - 2015-12-23 10:20 - 00005632 _____ C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-21 18:56 - 2015-12-23 12:01 - 00000000 ____D C:\Avi2DVD
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\Program Files (x86)\Xvid
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\Program Files (x86)\ffdshow
2015-12-21 18:25 - 2010-03-03 00:00 - 00085504 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-12-21 18:25 - 2009-06-07 16:25 - 00077824 _____ C:\Windows\SysWOW64\xvid.ax
2015-12-21 18:25 - 2009-06-07 16:24 - 00180224 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-12-21 18:25 - 2009-06-07 16:16 - 00819200 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\Program Files (x86)\Haali
2015-12-21 18:23 - 2015-12-21 18:23 - 00033019 _____ C:\Windows\SysWOW64\CoreAAC-uninstall.exe
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Program Files (x86)\AC3Filter
2015-12-21 18:23 - 2009-08-11 21:22 - 00580096 _____ C:\Windows\system32\ac3filter64.acm
2015-12-21 18:23 - 2009-08-11 21:18 - 00497664 _____ C:\Windows\SysWOW64\ac3filter.acm
2015-12-21 18:22 - 2015-12-21 19:42 - 00001002 _____ C:\Users\Paul\Desktop\Avi2Dvd.lnk
2015-12-21 18:22 - 2015-12-21 18:59 - 00000000 ____D C:\Program Files (x86)\Avi2Dvd
2015-12-21 18:22 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avi2Dvd
2015-12-21 18:22 - 2015-12-21 18:22 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avi2Dvd
2015-12-20 10:41 - 2015-12-20 10:41 - 00000091 _____ C:\Windows\fnerr.dat
2015-12-16 20:17 - 2015-12-16 20:17 - 00000866 _____ C:\Users\Public\Desktop\Print CD.lnk
2015-12-16 20:16 - 2015-12-20 09:23 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Epson
2015-12-16 20:16 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\UDL
2015-12-16 20:16 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-12-16 19:55 - 2015-12-29 16:55 - 00000929 _____ C:\Windows\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}.job
2015-12-16 19:55 - 2015-12-16 19:55 - 00003960 _____ C:\Windows\System32\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}
2015-12-16 19:48 - 2015-12-29 16:48 - 00000929 _____ C:\Windows\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}.job
2015-12-16 19:48 - 2015-12-16 19:48 - 00003960 _____ C:\Windows\System32\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}
2015-12-16 19:48 - 2015-12-16 19:48 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-12-16 19:39 - 2015-12-16 19:39 - 00000000 ____D C:\Program Files\EpsonNet
2015-12-16 19:38 - 2015-12-16 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-16 19:38 - 2015-12-16 20:17 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2015-12-16 19:38 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-12-16 19:38 - 2015-12-16 20:16 - 00000000 ____D C:\Program Files (x86)\epson
2015-12-16 19:38 - 2015-12-16 19:38 - 00000945 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-12-16 19:38 - 2014-02-25 00:00 - 00466944 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2015-12-16 19:38 - 2013-12-06 04:05 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBNOE.DLL
2015-12-16 19:38 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2015-12-16 19:38 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BNOE.DLL
2015-12-16 19:38 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-12-16 19:15 - 2015-12-19 09:11 - 00000000 ____D C:\ProgramData\Epson
2015-12-16 15:40 - 2015-12-16 15:40 - 00001142 __RSH C:\ProgramData\ntuser.pol
2015-12-14 14:07 - 2015-12-29 13:44 - 00000000 ____D C:\Program Files (x86)\WinZipper
2015-12-14 14:07 - 2015-12-14 14:07 - 00000000 ____D C:\ProgramData\6WdM6
2015-12-14 14:06 - 2015-12-14 14:06 - 00000000 ____D C:\ProgramData\9WdM9
2015-12-11 15:59 - 2015-12-11 16:00 - 00000000 ____D C:\ProgramData\OWdMO
2015-12-05 10:43 - 2015-12-05 10:43 - 00000000 ____D C:\Program Files (x86)\GUM519E.tmp
2015-12-03 15:04 - 2015-12-03 15:04 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 15:04 - 2015-12-03 15:04 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-29 12:25 - 2015-11-29 12:25 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-29 12:25 - 2015-11-29 12:25 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-29 12:08 - 2015-11-29 12:08 - 03787831 _____ C:\Users\Paul\Downloads\mg5200-sm.pdf
2015-11-29 11:16 - 2015-11-29 11:16 - 00000000 ____D C:\Users\Paul\AppData\Local\MAGIX_Software_GmbH
2015-11-29 11:13 - 2015-11-29 11:13 - 00000000 ____D C:\Users\Paul\Documents\MAGIX Downloads
2015-11-29 10:59 - 2015-11-29 10:59 - 00001158 _____ C:\Users\Public\Desktop\MAGIX Fotostory 2015 Deluxe.lnk
2015-11-29 10:59 - 2015-11-29 10:59 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2015-11-29 10:59 - 2015-11-29 10:59 - 00000000 ____D C:\Users\Paul\Documents\MAGIX_MusicEditor
2015-11-29 10:59 - 2015-11-29 10:59 - 00000000 ____D C:\Users\Paul\AppData\Local\Xara

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-29 23:20 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-29 23:09 - 2015-01-02 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-29 23:09 - 2013-12-22 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-29 23:02 - 2015-10-17 11:55 - 00004196 _____ C:\Windows\System32\Tasks\Software Updater
2015-12-29 22:58 - 2015-08-18 16:27 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-29 17:10 - 2015-01-02 00:44 - 00000000 ____D C:\Users\Paul\AppData\Roaming\ClassicShell
2015-12-29 16:48 - 2015-08-18 16:27 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-29 16:20 - 2015-11-24 08:23 - 00000000 ____D C:\Program Files (x86)\SFK
2015-12-28 08:50 - 2015-01-03 17:09 - 00000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2015-12-28 08:41 - 2013-12-22 13:54 - 02061180 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-28 08:41 - 2013-09-30 04:58 - 00876094 _____ C:\Windows\system32\perfh007.dat
2015-12-28 08:41 - 2013-09-30 04:58 - 00200744 _____ C:\Windows\system32\perfc007.dat
2015-12-28 08:41 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-27 19:39 - 2015-04-03 07:29 - 00002256 ____H C:\Users\Paul\Documents\Default.rdp
2015-12-27 17:33 - 2015-01-05 18:42 - 00003774 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-27 17:33 - 2015-01-05 18:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-27 17:30 - 2015-06-21 10:05 - 00000000 ____D C:\ProgramData\PACE
2015-12-27 17:29 - 2015-01-04 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-27 17:29 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-27 17:28 - 2015-01-01 23:46 - 00000000 ____D C:\Users\Paul
2015-12-27 02:09 - 2015-02-28 11:20 - 00000000 ____D C:\Users\Paul\AppData\Roaming\dvdcss
2015-12-25 15:01 - 2015-01-01 23:51 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-50711351-3327628023-445584072-1001
2015-12-25 13:26 - 2015-09-21 14:56 - 00000000 ____D C:\Windows\Minidump
2015-12-24 07:53 - 2015-10-10 07:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\TSv
2015-12-24 07:53 - 2015-10-02 16:15 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-12-23 17:31 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-23 17:10 - 2015-07-17 16:19 - 00001908 _____ C:\Windows\diagwrn.xml
2015-12-23 17:10 - 2015-07-17 16:19 - 00001908 _____ C:\Windows\diagerr.xml
2015-12-23 12:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-22 19:00 - 2013-08-22 15:44 - 00681184 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-21 17:23 - 2015-01-03 18:17 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-12-19 09:31 - 2015-02-02 19:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Canon
2015-12-17 19:48 - 2015-01-24 08:39 - 00000000 ____D C:\Users\Paul\dwhelper
2015-12-16 20:17 - 2015-04-11 08:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-16 20:17 - 2013-09-30 05:00 - 00000000 ____D C:\Windows\ShellNew
2015-12-16 15:40 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-12-14 18:53 - 2015-03-15 09:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-14 18:39 - 2015-01-04 12:49 - 00000000 ____D C:\Program Files\CCleaner
2015-12-12 10:45 - 2015-01-01 23:46 - 00000000 ____D C:\Users\Paul\AppData\Local\Packages
2015-12-07 18:37 - 2015-08-31 17:37 - 00000000 ____D C:\Users\Paul\AppData\Roaming\MyPhoneExplorer
2015-12-05 13:02 - 2015-02-01 08:53 - 00000000 ____D C:\Users\Paul\AppData\Local\Microsoft Help
2015-12-05 10:43 - 2015-08-18 16:27 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 10:43 - 2015-08-18 16:27 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-29 12:25 - 2015-03-15 09:18 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-29 12:25 - 2015-03-15 09:18 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-29 12:25 - 2015-03-15 09:18 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-29 12:25 - 2015-03-15 09:18 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-29 12:25 - 2015-03-15 09:18 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-29 12:25 - 2015-03-15 09:18 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-29 12:25 - 2015-03-15 09:18 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-29 12:25 - 2015-03-15 09:18 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-29 11:15 - 2015-05-19 08:12 - 00000000 ____D C:\Users\Paul\AppData\Roaming\MAGIX
2015-11-29 11:14 - 2015-05-19 08:10 - 00000000 ____D C:\ProgramData\MAGIX
2015-11-29 11:13 - 2015-05-19 08:09 - 00000000 ___RD C:\Users\Paul\Documents\MAGIX
2015-11-29 10:59 - 2015-05-19 08:12 - 00000000 ____D C:\Users\Paul\AppData\Local\MAGIX
2015-11-29 10:59 - 2015-05-19 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-11-29 10:58 - 2015-05-19 08:10 - 00000000 ____D C:\Program Files (x86)\MAGIX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:35 - 2013-04-11 18:53 - 0000074 _____ () C:\Program Files (x86)\agg-lic.dat
2015-04-25 17:35 - 2012-12-13 01:36 - 9371648 _____ () C:\Program Files (x86)\AGG.dll
2015-12-24 07:52 - 2015-12-24 07:52 - 2770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe
2015-10-02 16:03 - 2015-10-02 16:08 - 0001043 _____ () C:\Users\Paul\AppData\Roaming\burnaware.ini
2015-01-05 19:20 - 2015-04-01 17:16 - 0159200 ____T () C:\Users\Paul\AppData\Roaming\CrashRpt1402.dll
2015-10-18 12:43 - 2015-10-28 18:24 - 0000016 _____ () C:\Users\Paul\AppData\Roaming\msregsvv.dll
2015-06-28 07:57 - 2015-06-28 07:57 - 0105528 _____ (Un4seen Developments) C:\Users\Paul\AppData\Local\bass.dll
2015-12-21 19:02 - 2015-12-23 10:20 - 0005632 _____ () C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-03 18:42 - 2015-01-03 18:42 - 0000017 _____ () C:\Users\Paul\AppData\Local\resmon.resmoncfg
2015-10-18 12:43 - 2015-10-28 18:24 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-07-05 12:38 - 2015-07-05 12:38 - 0000117 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2015-10-02 16:15 - 2015-12-24 07:53 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-21 09:47

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-12-2015
durchgeführt von Paul (2015-12-29 23:22:10)
Gestartet von C:\Users\Paul\Desktop
Windows 8.1 Pro (X64) (2015-01-01 22:46:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-50711351-3327628023-445584072-500 - Administrator - Disabled)
Gast (S-1-5-21-50711351-3327628023-445584072-501 - Limited - Disabled)
Paul (S-1-5-21-50711351-3327628023-445584072-1001 - Administrator - Enabled) => C:\Users\Paul

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7+ Taskbar Tweaker v5.1 (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\7 Taskbar Tweaker) (Version: 5.1 - RaMMicHaeL)
Ableton Live 9 Suite (HKLM\...\{11DF5764-52FF-4149-8B65-FB4D721975C9}) (Version: 9.0.0.0 - Ableton)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
ACDSee Pro 8 (64-bit) (HKLM\...\{F84CE839-8CDD-4DC1-9A05-FA93BEA8B63D}) (Version: 8.0.0.266 - ACD Systems International Inc.)
Acronis True Image 2014 (HKLM-x32\...\{D1CBB979-E0F5-464C-ACCB-4071078DA04A}Visible) (Version: 17.0.6614 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6614 - Acronis) Hidden
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
AIDA64 Engineer v5.00 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 5.00 - FinalWire Ltd.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Ample Guitar F II version 2.0.2 (HKLM-x32\...\{26ABCDDF-80B4-409D-B169-400C54E6E1C0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II Extension 1 (Both Pickup) version 2.0.2 (HKLM-x32\...\{CEFDB1D7-F4AE-42CD-A060-B923453056B0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II version 2.0.2 (HKLM-x32\...\{C5C4DE66-ACC5-4431-892B-A581516DF4DD}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar M II version 2.0.2 (HKLM-x32\...\{DBBA77E4-611C-4633-AC13-96A6598AF746}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II Extension (Neck Pickup) version 2.0.2 (HKLM-x32\...\{3758B201-9310-4492-A8FA-003C2FD6BFA9}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II version 2.0.2 (HKLM-x32\...\{5F4EB709-CBDD-4B9D-A733-5CD7FA3FF6E2}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyMP4 Blu-ray Player 6.1.30 (HKLM-x32\...\{DF8BE739-832A-482a-8C75-FB9628A6BE6E}_is1) (Version: 6.1.30 - AnyMP4 Studio)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.7.0 - CrystalIdea Software, Inc.)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version: 6.1.8.146 - ArcSoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Boilsoft Video Joiner 6.57 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version:  - Boilsoft, Inc.)
Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
Bulk Image Downloader v4.91.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version:  - Antibody Software)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Camel Audio Alchemy64 (HKLM-x32\...\Camel Audio Alchemy64) (Version: 1.25.0 - Camel Audio)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Cantabile 2.0 Lite (x64) (HKLM-x32\...\Cantabile 2.0 Lite (x64)) (Version:  - Topten Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CGS17_Setup_x64 (Version: 17.3 - Corel Corporation) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B344E0F4-3FD8-4D88-97AF-3F75033FA562}) (Version: 17.3.0.772 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.3.772 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.3.772 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CS (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - DE (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - ES (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FR (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - JP (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - NL (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - RU (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.3.0.772 - Corel Corporation)
Custom Shop version 1.6.1 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.6.1 - IK Multimedia)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15.1 - Illustrate)
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 11 - Illustrate)
DriverEasy 4.9.5 (HKLM\...\DriverEasy_is1) (Version: 4.9.5.0 - Easeware)
DX10 (HKLM-x32\...\DX10) (Version:  - Image-Line)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West Vapor (HKLM-x32\...\East West Vapor) (Version:  - )
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
E-License Manager (Version: 1.3.0.0 - Magix) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.1.1172 - Steinberg Media Technologies GmbH)
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.1.0.224 - Best Service)
Engine 2 (Version: 2.1.0.224 - Best Service) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-620 Series Printer Uninstall (HKLM\...\EPSON XP-620 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
Everything Bundle Upgrade for SynthMaster version 3.0 (HKLM-x32\...\{8E3B1338-DC03-4C10-AB9D-BFD06DBA609D}_is1) (Version: 3.0 - KV331 Audio)
EZkeys Mellotoon 64 (HKLM\...\{EA588FDB-2CDB-4F19-BF6A-4DC6EA64D5C7}) (Version: 1.0.1 - Toontrack)
ffdshow [rev 3299] [2010-03-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.0.0.3299 - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 12.0.2 (HKLM\...\FL Studio 12_is1) (Version:  - )
flickr downloadr (HKLM-x32\...\flickr downloadr 2.0.0.1) (Version: 2.0.0.1 - flickrdownloadr.com)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Fotostory 2015 Deluxe Update (Version: 14.0.4.57 - MAGIX Software GmbH) Hidden
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free Video to DVD Converter (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.71.1211 - DVDVideoSoft Ltd.)
FXpansion BFD3 (HKLM-x32\...\FXpansion BFD3) (Version: 3.0.4 - FXpansion Audio UK Ltd)
Garmin BaseCamp (HKLM-x32\...\{F7CEFC8E-591B-4F02-96AC-44972E6EAC3F}) (Version: 4.5.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NTU 2016.10 (HKLM-x32\...\{4DE11D48-DC9D-46FD-9CDA-314BFF6145AD}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.72.5234 - Gretech Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
IK Multimedia Authorization Manager version 1.0.12 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.12 - IK Multimedia)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Harmless (HKLM-x32\...\IL Harmless) (Version:  - Image-Line)
IL Harmor (HKLM-x32\...\IL Harmor) (Version:  - Image-Line)
IL Minihost Modular (HKLM-x32\...\IL Minihost Modular) (Version:  - Image-Line)
IL Ogun (HKLM-x32\...\IL Ogun) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
IL Sytrus (HKLM-x32\...\IL Sytrus) (Version:  - Image-Line)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
iZotope Iris 2 (HKLM-x32\...\iZotope Iris 2_is1) (Version: 2.01 - iZotope, Inc.)
iZotope Iris 2 Abstract Library (HKLM-x32\...\iZotope Iris 2 Abstract Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Core Library (HKLM-x32\...\iZotope Iris 2 Core Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 1 Library (HKLM-x32\...\iZotope Iris 2 Environments 1 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 2 Library (HKLM-x32\...\iZotope Iris 2 Environments 2 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 EuroRack Modular Library (HKLM-x32\...\iZotope Iris 2 EuroRack Modular Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Instruments Library (HKLM-x32\...\iZotope Iris 2 Instruments Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Objects Library (HKLM-x32\...\iZotope Iris 2 Objects Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 1 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 1 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 2 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 2 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Toys Library (HKLM-x32\...\iZotope Iris 2 Toys Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Voice Library (HKLM-x32\...\iZotope Iris 2 Voice Library_is1) (Version: 1.00 - iZotope, Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
JDownloader 0.9 (HKLM-x32\...\7289-1030-5602-7421) (Version: 0.9 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Lethality V1.1.2 Retail version 1.1.2 (HKLM-x32\...\Lethality V1.1.2 Retail_is1) (Version: 1.1.2 - )
LicensingService (x32 Version: 1.00.0000 - Corel Corporation) Hidden
LinPlug Spectral (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\LinPlug Spectral) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
MAGIX Fotostory 2015 Deluxe (HKLM-x32\...\MX.{B051358D-748D-4969-9FE7-C116D730CAAD}) (Version: 14.0.1.42 - MAGIX Software GmbH)
MAGIX Fotostory 2015 Deluxe (Version: 14.0.1.42 - MAGIX Software GmbH) Hidden
MAGIX Independence Libraries Common Files (HKLM\...\MX.{9B85601F-B79B-40B0-9A54-E706FBD1C5C1}) (Version: 3.2.0.0 - MAGIX Software GmbH)
MAGIX Independence Libraries Common Files (Version: 3.2.0.0 - MAGIX Software GmbH) Hidden
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\MX.{E828E90A-8932-45A0-9DCF-4F06EF75EE06}) (Version: 3.2.0.0 - MAGIX Software GmbH)
MAGIX Independence Pro 3.2 VST-Plugins (Version: 3.2.0.0 - MAGIX Software GmbH) Hidden
MAGIX Independence Pro Software Suite 3.2 (HKLM-x32\...\MX.{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.2.0.128 - MAGIX Software GmbH)
MAGIX Independence Pro Software Suite 3.2 (Version: 3.2.0.128 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{61124E02-0FFC-4390-8943-4B5C1E3713CE}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mp3tag v2.72 (HKLM-x32\...\Mp3tag) (Version: v2.72 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicLab RealStrat (32-bit) (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (64-bit) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (HKLM-x32\...\{87d50511-cb30-4e5d-99b4-763b91649a0b}) (Version: 3.1.0.7127 - MusicLab, Inc.)
MusicLab RealStrat Sound Bank (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab Virtual Midi Driver (64-bit) (HKLM\...\{2B019162-86C7-4D14-AED0-2CB5110BA4FF}) (Version: 2.0.2.0 - MusicLab, Inc.)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.0.1510 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.8.0.262 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.0.1498 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Komplete 9 Ultimate (HKLM-x32\...\Native Instruments Komplete 9 Ultimate) (Version:  - Native Instruments)
Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.1.451 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.0.533 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.4.0.2 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.0.725 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.1 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version:  - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version:  - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version:  - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.0.1093 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version:  - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.12 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.2 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version:  - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version:  - Native Instruments)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
OVTScanner_Vista64 (HKLM-x32\...\{AE09704D-9051-4C25-B940-77F889F0C93F}) (Version: 1.00.0000 - OVT)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.5.308.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
Pianoteq v2.2.0 (HKLM-x32\...\Pianoteq22) (Version:  - )
PicPick (HKLM-x32\...\PicPick) (Version: 4.0.7 - NGWIN)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Rainbow Folders (HKLM-x32\...\{2AEA17BA-FAB3-49D2-BB85-0669D14DC9BC}_is1) (Version: 2.05 - Piotr Chodzinski)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0024 - Realtek)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
reFX Vanguard VSTi RTAS v1.8.0 (HKLM-x32\...\reFX Vanguard_is1) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Sakura (HKLM-x32\...\Sakura) (Version:  - Image-Line)
Saleen WebDownloader (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Saleen WebDownloader) (Version:  - Saleen Software)
SampleMoog (HKLM-x32\...\{218AA20E-F016-4385-9F74-04FF8E596FB2}) (Version: 1.0.0 - IK Multimedia)
SampleTank 3 version 3.5.1 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.5.1 - IK Multimedia)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.7 - Samsung Electronics)
Schattenkopieclient (HKLM-x32\...\{23E5032B-56CA-4C19-A72E-B50161DB82CA}) (Version: 5.2.01 - Microsoft)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) <==== ACHTUNG
Steinberg Cubase 8 64bit (HKLM\...\{C806BE81-01DE-4EFA-33AC-34635B3EAB4A}) (Version: 8.0.30 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums (HKLM-x32\...\{E9BFA009-DD72-4F2A-84CB-6DF46472B563}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Virtual Guitarist Electric Edition (HKLM-x32\...\Virtual Guitarist Electric Edition) (Version:  - )
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Bass Amp Content (HKLM-x32\...\{A2FC1750-B90F-4948-9D6E-DDDA155C6EC8}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Studio Instruments 1.0 (HKLM\...\Cakewalk Studio Instruments_is1) (Version: 1.0 - Cakewalk Music Software)
SuperWave Equinoxe (Poly 20) (HKLM-x32\...\{ACE79486-860F-4413-801C-CA0115FAE1E5}) (Version: 1.0 - SuperWave)
SuperWave Equinoxe Extreme HD Edition (Poly 20) (HKLM-x32\...\{CE6B55F8-6BBE-4999-A050-E01EE5A595F7}) (Version: 1.0 - SuperWave)
SynthMaster 2.6 VST/VSTi/RTAS/AAX (x64) Software Synthesizer version 2.6.21 (HKLM\...\{724D6BD0-88D0-4354-A124-6EE4D36E9EF2}_is1) (Version: 2.6.21 - KV331 Audio)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.4.4.2 - 't Schrijverke)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB Safely Remove 5.3 (HKLM-x32\...\USB Safely Remove_is1) (Version:  - SafelyRemove.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zero-G Phaedra (HKLM-x32\...\Zero-G Phaedra) (Version:  - )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-50711351-3327628023-445584072-1001_Classes\CLSID\{E0EB4174-E066-93A6-3225-6864931E48FE}\InprocServer32 -> kein Dateipfad

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03BD76AE-D4BD-4667-9868-3E59606C7495} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4AE5DE09-2B4C-47D2-9D7F-22B377ABCE8B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.)
Task: {5C8872E1-23FB-4F68-991E-74B59545CD6A} - System32\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {630E437E-8191-44F7-AB1B-CAE6033DBEE0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {6FD07135-5765-4E81-86A6-38C2ADD08422} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-27] (Adobe Systems Incorporated)
Task: {72605418-1C56-46BF-B428-8E1B8B3920A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.)
Task: {78A71711-95D1-40A8-AE8D-C43452A7A216} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] ()
Task: {8F9410B3-0366-4AAA-9D35-97F295401A8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {93E657B7-D6CB-4697-B2D6-9825F4538387} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {9B75C5F5-351F-49DB-99A4-45502145694A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-29] (AVAST Software)
Task: {AE289CC8-3C51-4BCA-86EA-872EF1938D9B} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2015-08-02] (Easeware)
Task: {B8EFF749-F9A9-4B01-9FE1-28272FB8E0AB} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-08-26] (Samsung Electronics.)
Task: {B9082931-6747-4E43-BADA-8898A9D45DAC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BB72454D-58FF-4C3F-A767-7208AADB2C51} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2014-08-07] ()
Task: {BCD6156C-73CA-4266-8915-C5960102D453} - System32\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {F8A6BF1B-2937-497D-86AF-FDC5DC5BEF67} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-08-07] () <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{898E107E-E6C2-4FAF-8394-4AC79EF46301} /F:UpdateWORKGROUP\GIGA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{EB2F670E-4AF2-4973-ACFA-2C9D046E4278} /F:UpdateWORKGROUP\GIGA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.omniboxes.com/?type=sc&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-10-01 10:32 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-26 21:30 - 2015-12-26 21:30 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122601\algo.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-29 13:34 - 2015-12-29 13:34 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\15122901\algo.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-26 07:39 - 2015-08-26 15:59 - 00019936 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-01-04 09:55 - 2015-12-27 12:16 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-04 09:55 - 2015-12-27 12:16 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\PACE:1E22FD8689209763

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-11-29 11:12 - 00000910 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activation.acronis.com 
127.0.0.1 www.magix.com
127.0.0.1 195.214.216.16

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-50711351-3327628023-445584072-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: USBSafelyRemoveService => 2
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "ACPW08DE"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\StartupApproved\Run: => "USB Safely Remove"
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\StartupApproved\Run: => "ACDSeeCommanderPro8"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C402BDE9-D146-4593-B71E-6597DB88A6DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{081A1586-7EBC-4E20-8CE0-C9D591DDB617}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{64FD0D2B-769B-41B5-9F1B-00D0B6E7A7D2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2873B9C9-4EBD-481A-923B-CB56E5EC83A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{609D10A1-3763-43A6-8FB1-A87A5331DEB4}] => (Block) %ProgramFiles%\PowerISO\PowerISO.exe
FirewallRules: [{95FDB2B5-5321-441B-B2DB-771842462E9D}] => (Block) %ProgramFiles%\PowerISO\PWRISOVM.EXE
FirewallRules: [{0018FBF5-FDED-42BA-AA12-65B15AC7123E}] => (Block) %ProgramFiles%\PowerISO\piso.exe
FirewallRules: [{7040DC5E-1383-44AB-8181-B8F1A05D6641}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{092FB9B6-F3CE-4F5D-8238-C72A1662BA62}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{92FFBB7B-F308-42DF-9FC0-B2FA8FC901AE}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{F54C1BD7-2280-4EE9-AB9E-A8EEB6C50792}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{7C390351-7EC7-42D0-A648-2E4990846D0F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{666B6EC4-2426-4A03-83A8-3DE29FEEA817}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B73CBD24-639A-43A6-9F60-4C62004458D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF481442-1E3E-4245-B8A7-5D3B3A792EC1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{832283D8-7370-4396-91EC-BEA28D2DBFF8}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{698A8344-CE70-4C26-8751-890CEFC6A46F}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{E04B278E-90E7-4557-9B83-31A9E1A2DB56}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{EF643D95-0D91-4F98-B05B-D9D730C36333}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{C13E0A8B-2563-45D7-8610-F1CA9CF8C1DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A17806C7-3918-4538-A15D-3D841B4C5F8C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AAFD833B-C170-4EB4-AC8B-8E586C04D914}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{716022D0-5668-43C2-B984-5C8B5C9B5B28}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{34FCB44F-ABDC-4BB4-9DBC-16BAABE51C75}] => (Allow) LPort=51111
FirewallRules: [{3349ED7B-D65F-4062-BC5C-C7D6178712F1}] => (Allow) LPort=51112
FirewallRules: [{FAAB4CBC-E797-4766-8E78-C34C4ECA0E70}] => (Allow) LPort=51113
FirewallRules: [{49BB5F01-FC3A-4B7C-8570-9A4EB5434E1F}] => (Allow) C:\Program Files\Steinberg\Cubase 8\Cubase8.exe
FirewallRules: [TCP Query User{672B06A1-14F8-473F-BA9D-B77FAA97CF82}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{A30475B8-AADE-423D-A11F-F6C919916774}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{C21333D4-7D80-417B-9C85-A9A97C6D4F58}C:\program files (x86)\image-line\minihost\minihostmodular.exe] => (Block) C:\program files (x86)\image-line\minihost\minihostmodular.exe
FirewallRules: [UDP Query User{5B00DBD1-12A3-4ABA-9A1A-CB3B51ED31BC}C:\program files (x86)\image-line\minihost\minihostmodular.exe] => (Block) C:\program files (x86)\image-line\minihost\minihostmodular.exe
FirewallRules: [TCP Query User{45430996-A2BC-4849-B916-9F8FC4050D68}C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe] => (Block) C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe
FirewallRules: [UDP Query User{32A5C33B-EBC8-4F9F-B675-5A51B5F486E0}C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe] => (Block) C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe
FirewallRules: [{1B774E39-1A95-48EE-BA43-1BC213667BAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77AB0910-214E-4889-9116-FC9F5D37CC97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F96541DB-A264-43FB-A2EC-FE4AE3ADD18A}] => (Allow) B:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{2306DD11-F455-4969-AAE4-F8FCC8561950}] => (Allow) B:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{1A3A7EAD-A309-483A-9F99-5E5242BEB57B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5A06E824-B1BE-48D4-9B8F-C379EBD1ECC3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FA547AD9-EAD6-4033-81DE-DC814778BCA0}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{6F88BEFF-279F-4A6C-86F2-5A04F834A4EB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{A6FC0F24-A917-4A30-AAD9-414C08964EC0}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{7A81241A-80D3-4522-9AD6-236F391DFAF6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{CDB78794-D701-4A0F-9124-BE8536C035BF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{6D7177B3-12F0-4BBC-9F07-E82224C2784B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Acronis TIB Mounter
Description: Acronis TIB Mounter
Class Guid: {1860459d-4692-4825-b761-44a725991050}
Manufacturer: Acronis, Inc.
Service: tib_mounter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/29/2015 05:32:45 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/28/2015 03:44:42 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/27/2015 07:30:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mstsc.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215e2b5
Name des fehlerhaften Moduls: vorbis.acm, Version: 0.0.3.6, Zeitstempel: 0x50a51541
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001f4f
ID des fehlerhaften Prozesses: 0x127c
Startzeit der fehlerhaften Anwendung: 0xmstsc.exe0
Pfad der fehlerhaften Anwendung: mstsc.exe1
Pfad des fehlerhaften Moduls: mstsc.exe2
Berichtskennung: mstsc.exe3
Vollständiger Name des fehlerhaften Pakets: mstsc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mstsc.exe5

Error: (12/26/2015 05:40:25 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/25/2015 03:11:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/25/2015 03:54:55 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/25/2015 03:30:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Data" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (12/24/2015 04:40:48 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Data" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (12/23/2015 05:38:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Avast.VC110.DebugCRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1".
Die abhängige Assemblierung "Avast.VC110.DebugCRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/23/2015 01:22:10 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).


Systemfehler:
=============
Error: (12/29/2015 10:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:32 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:31 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:31 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:31 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:31 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2015 10:58:31 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Prozentuale Nutzung des RAM: 12%
Installierter physikalischer RAM: 16375.42 MB
Verfügbarer physikalischer RAM: 14357.5 MB
Summe virtueller Speicher: 16575.42 MB
Verfügbarer virtueller Speicher: 14157.86 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:429.14 GB) (Free:260.2 GB) NTFS
Drive d: (Studio) (Fixed) (Total:931.51 GB) (Free:472.66 GB) NTFS
Drive e: (3TB) (Fixed) (Total:2794.39 GB) (Free:238.87 GB) NTFS
Drive f: (Seagate 2TB) (Fixed) (Total:1863.01 GB) (Free:875.56 GB) NTFS
Drive r: (Asus 500) (Fixed) (Total:465.76 GB) (Free:309.52 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 7AFD0835)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=429.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 398F4B15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 210A2F21)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 465.8 GB) (Disk ID: 2BFB4DC8)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 30.12.2015, 01:54   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Zitat:
127.0.0.1 activation.acronis.com
127.0.0.1 www.magix.com
Du hast gecrackte Software auf diesem Rechner.

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________

__________________

Alt 30.12.2015, 17:07   #3
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Magix und Acronis entfernt.
Neue Logfiles erstellt.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-12-2015
durchgeführt von Paul (Administrator) auf GIGA (30-12-2015 17:07:09)
Gestartet von C:\Users\Paul\Desktop
Geladene Profile: Paul (Verfügbare Profile: Paul & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(tsvr.com) C:\Users\Paul\AppData\Roaming\TSv\TSvr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(TFuns LIMITED) C:\ProgramData\gWdMg\WdMan.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(RaMMicHaeL) C:\Users\Paul\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINOE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-29] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\Paul\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [380416 2015-12-04] (RaMMicHaeL)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [ACDSeeCommanderPro8] => C:\Program Files\ACD Systems\ACDSee Pro\8.0\ACDSeeCommanderPro8.exe [2141192 2015-02-15] ()
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [382976 2013-08-22] (Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\SysWOW64\mscoree.dll [330240 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-29] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AC7336B0-7DA0-41CE-8663-E97D683B24BA}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449845906&z=ca34aef73e66828b21704b9g9z9z2t1b9z8wbtdg6e&from=ient07021&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
HKU\S-1-5-21-50711351-3327628023-445584072-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449845906&z=ca34aef73e66828b21704b9g9z9z2t1b9z8wbtdg6e&from=ient07021&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKU\S-1-5-21-50711351-3327628023-445584072-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-29] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-29] (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc&ts=1450939994&z=6480145fdbb131a95d93927g9z0wceft0cat5t6t6c&from=wpm07173&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933
FF NewTab: hxxp://www.yoursites123.com/newtab/?type=nt&ts=1450939994&z=6480145fdbb131a95d93927g9z0wceft0cat5t6t6c&from=wpm07173&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
FF SelectedSearchEngine: yoursites123
FF Homepage: hxxp://www.yoursites123.com/?type=hp&ts=1449845906&z=ca34aef73e66828b21704b9g9z9z2t1b9z8wbtdg6e&from=ient07021&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-27] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-27] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-50711351-3327628023-445584072-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\searchplugins\yoursites123.xml [2015-12-24]
FF Extension: All-in-One Sidebar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-10-12]
FF Extension: Bulk Image Downloader - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2015-10-12]
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\ALone-live@ya.ru.xpi [2015-10-27]
FF Extension: NoScript - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24]
FF Extension: Image Toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{A4732521-77D9-447E-A557-B279AC923F06}.xpi [2015-11-30]
FF Extension: Status-4-Evar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\status4evar@caligonstudios.com.xpi [2015-12-08]
FF Extension: Tab Mix Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-12-27]
FF Extension: Linkification - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2015-12-28]
FF Extension: Default NewTab - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\default_newtabff@gmail.com [2015-12-24] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\elemhidehelper@adblockplus.org.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-17]
FF Extension: Adblock Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-14]
FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\default_newtabff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\yahooprotected@gmail.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-29]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-29] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 IhPul; C:\Users\Paul\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S4 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)

R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [172192 2015-12-24] (TODO: <公司名>)
S4 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1666416 2014-12-25] (Crystal Rich Ltd)
R2 WdMan; C:\ProgramData\gWdMg\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-29] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 mlkumidi; C:\Windows\system32\drivers\mlkumidi.sys [55856 2014-08-30] (MusicLab, Inc.)
S3 nika6audio; C:\Windows\System32\Drivers\nika6audio.sys [365456 2015-04-01] (Native Instruments GmbH)
S3 nika6usb; C:\Windows\system32\DRIVERS\nika6usb.sys [83272 2015-04-01] (Native Instruments GmbH)
S3 OV550I; C:\Windows\System32\Drivers\ov550ivx.sys [196992 2008-02-21] (Omnivision Technologies, Inc.)
S4 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2015-02-15] (Padus, Inc.) [Datei ist nicht signiert]
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
R4 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-01-04] (Acronis International GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S4 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 RTHDMIAzAudService; \SystemRoot\system32\drivers\RtHDMIVX.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2060-04-01 16:08 - 2015-10-28 19:50 - 00000000 ____D C:\Users\Paul\Documents\Cubase Projects
2060-04-01 16:00 - 2060-04-01 16:00 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2060-04-01 16:00 - 2060-04-01 16:00 - 00000000 ____D C:\ProgramData\Syncrosoft
2060-04-01 16:00 - 2015-05-13 23:03 - 00000000 ____D C:\ProgramData\eLicenser
2060-04-01 16:00 - 2011-12-14 20:22 - 00030352 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\Drivers\synusb64.sys
2015-12-30 16:40 - 2015-12-30 17:07 - 00028404 _____ C:\Users\Paul\Desktop\FRST.txt
2015-12-30 15:27 - 2015-12-30 15:27 - 00000001 _____ C:\Windows\SysWOW64\de.html
2015-12-30 11:03 - 2015-12-30 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-12-29 23:22 - 2015-12-29 23:35 - 00059405 _____ C:\Users\Paul\Desktop\Addition2.txt
2015-12-29 23:21 - 2015-12-29 23:33 - 00047446 _____ C:\Users\Paul\Desktop\FRST1.txt
2015-12-29 23:15 - 2015-12-30 17:07 - 00000000 ____D C:\FRST
2015-12-29 23:14 - 2015-12-29 23:14 - 02370560 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2015-12-29 23:10 - 2015-12-29 23:10 - 00001532 _____ C:\Users\Paul\Desktop\iexplore.exe - Verknüpfung.lnk
2015-12-29 23:09 - 2015-12-29 23:09 - 00001499 _____ C:\Users\Paul\Desktop\firefox.exe - Verknüpfung.lnk
2015-12-29 13:42 - 2015-12-29 13:42 - 00000000 ____D C:\Users\Paul\AppData\Roaming\eCyber
2015-12-24 07:53 - 2015-12-24 07:53 - 00000000 ____D C:\ProgramData\gWdMg
2015-12-24 07:53 - 2015-12-24 07:53 - 00000000 ____D C:\ProgramData\eWdMe
2015-12-24 07:52 - 2015-12-24 07:52 - 02770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe
2015-12-23 09:46 - 2015-12-23 09:47 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2015-12-23 09:46 - 2015-12-23 09:46 - 00001523 _____ C:\Users\Public\Desktop\Free Video to DVD Converter.lnk
2015-12-23 09:46 - 2015-12-23 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-12-23 09:46 - 2015-12-23 09:46 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-12-22 20:09 - 2015-12-23 13:41 - 00534871 _____ C:\Users\Paul\Desktop\DVDCover.cdr
2015-12-22 19:14 - 2015-12-23 10:25 - 00000000 ____D C:\Program Files (x86)\Boilsoft Video Cutter
2015-12-22 18:52 - 2015-12-22 18:52 - 00001171 _____ C:\Users\Public\Desktop\Boilsoft Video Splitter.lnk
2015-12-22 18:52 - 2015-12-22 18:52 - 00001129 _____ C:\Users\Public\Desktop\Boilsoft Video Joiner.lnk
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Boilsoft
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\Program Files (x86)\Boilsoft
2015-12-22 17:39 - 2015-12-22 17:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-12-22 17:39 - 2015-12-22 17:39 - 00000000 ____D C:\Users\Paul\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-12-22 17:03 - 2015-12-22 17:03 - 00001078 _____ C:\Users\Paul\Desktop\Format Factory.lnk
2015-12-22 17:03 - 2015-12-22 17:03 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-12-22 17:03 - 2015-12-22 17:03 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2015-12-21 19:02 - 2015-12-23 10:20 - 00005632 _____ C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-21 18:56 - 2015-12-23 12:01 - 00000000 ____D C:\Avi2DVD
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\Program Files (x86)\Xvid
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\Program Files (x86)\ffdshow
2015-12-21 18:25 - 2010-03-03 00:00 - 00085504 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-12-21 18:25 - 2009-06-07 16:25 - 00077824 _____ C:\Windows\SysWOW64\xvid.ax
2015-12-21 18:25 - 2009-06-07 16:24 - 00180224 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-12-21 18:25 - 2009-06-07 16:16 - 00819200 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\Program Files (x86)\Haali
2015-12-21 18:23 - 2015-12-21 18:23 - 00033019 _____ C:\Windows\SysWOW64\CoreAAC-uninstall.exe
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Program Files (x86)\AC3Filter
2015-12-21 18:23 - 2009-08-11 21:22 - 00580096 _____ C:\Windows\system32\ac3filter64.acm
2015-12-21 18:23 - 2009-08-11 21:18 - 00497664 _____ C:\Windows\SysWOW64\ac3filter.acm
2015-12-21 18:22 - 2015-12-21 19:42 - 00001002 _____ C:\Users\Paul\Desktop\Avi2Dvd.lnk
2015-12-21 18:22 - 2015-12-21 18:59 - 00000000 ____D C:\Program Files (x86)\Avi2Dvd
2015-12-21 18:22 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avi2Dvd
2015-12-21 18:22 - 2015-12-21 18:22 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avi2Dvd
2015-12-20 10:41 - 2015-12-20 10:41 - 00000091 _____ C:\Windows\fnerr.dat
2015-12-16 20:17 - 2015-12-16 20:17 - 00000866 _____ C:\Users\Public\Desktop\Print CD.lnk
2015-12-16 20:16 - 2015-12-20 09:23 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Epson
2015-12-16 20:16 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\UDL
2015-12-16 20:16 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-12-16 19:55 - 2015-12-30 16:55 - 00000929 _____ C:\Windows\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}.job
2015-12-16 19:55 - 2015-12-16 19:55 - 00003960 _____ C:\Windows\System32\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}
2015-12-16 19:48 - 2015-12-30 16:48 - 00000929 _____ C:\Windows\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}.job
2015-12-16 19:48 - 2015-12-16 19:48 - 00003960 _____ C:\Windows\System32\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}
2015-12-16 19:48 - 2015-12-16 19:48 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-12-16 19:39 - 2015-12-16 19:39 - 00000000 ____D C:\Program Files\EpsonNet
2015-12-16 19:38 - 2015-12-16 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-16 19:38 - 2015-12-16 20:17 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2015-12-16 19:38 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-12-16 19:38 - 2015-12-16 20:16 - 00000000 ____D C:\Program Files (x86)\epson
2015-12-16 19:38 - 2015-12-16 19:38 - 00000945 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-12-16 19:38 - 2014-02-25 00:00 - 00466944 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2015-12-16 19:38 - 2013-12-06 04:05 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBNOE.DLL
2015-12-16 19:38 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2015-12-16 19:38 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BNOE.DLL
2015-12-16 19:38 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-12-16 19:15 - 2015-12-19 09:11 - 00000000 ____D C:\ProgramData\Epson
2015-12-16 15:40 - 2015-12-16 15:40 - 00001142 __RSH C:\ProgramData\ntuser.pol
2015-12-14 14:07 - 2015-12-29 13:44 - 00000000 ____D C:\Program Files (x86)\WinZipper
2015-12-14 14:07 - 2015-12-14 14:07 - 00000000 ____D C:\ProgramData\6WdM6
2015-12-14 14:06 - 2015-12-14 14:06 - 00000000 ____D C:\ProgramData\9WdM9
2015-12-11 15:59 - 2015-12-11 16:00 - 00000000 ____D C:\ProgramData\OWdMO
2015-12-05 10:43 - 2015-12-05 10:43 - 00000000 ____D C:\Program Files (x86)\GUM519E.tmp
2015-12-03 15:04 - 2015-12-03 15:04 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 15:04 - 2015-12-03 15:04 - 00000000 ____D C:\Program Files\Common Files\AV

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-30 17:06 - 2015-01-04 12:49 - 00000000 ____D C:\Program Files\CCleaner
2015-12-30 17:04 - 2015-11-29 10:59 - 00000000 ____D C:\Users\Paul\AppData\Local\Xara
2015-12-30 16:59 - 2015-01-02 00:44 - 00000000 ____D C:\Users\Paul\AppData\Roaming\ClassicShell
2015-12-30 16:48 - 2015-08-18 16:27 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-30 16:43 - 2015-01-01 23:51 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-50711351-3327628023-445584072-1001
2015-12-30 16:42 - 2015-10-17 11:55 - 00004196 _____ C:\Windows\System32\Tasks\Software Updater
2015-12-30 16:41 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-30 16:38 - 2015-08-18 16:27 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-30 16:27 - 2015-01-02 00:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-30 16:26 - 2015-11-24 08:23 - 00000000 ____D C:\Program Files (x86)\SFK
2015-12-30 14:07 - 2013-12-22 13:54 - 02061180 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-30 14:07 - 2013-09-30 04:58 - 00876094 _____ C:\Windows\system32\perfh007.dat
2015-12-30 14:07 - 2013-09-30 04:58 - 00200744 _____ C:\Windows\system32\perfc007.dat
2015-12-30 14:07 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-30 11:03 - 2015-03-12 15:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2015-12-30 11:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-29 23:09 - 2015-01-02 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-29 23:09 - 2013-12-22 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-28 08:50 - 2015-01-03 17:09 - 00000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2015-12-27 19:39 - 2015-04-03 07:29 - 00002256 ____H C:\Users\Paul\Documents\Default.rdp
2015-12-27 17:33 - 2015-01-05 18:42 - 00003774 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-27 17:33 - 2015-01-05 18:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-27 17:30 - 2015-06-21 10:05 - 00000000 ____D C:\ProgramData\PACE
2015-12-27 17:29 - 2015-01-04 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-27 17:29 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-27 17:28 - 2015-01-01 23:46 - 00000000 ____D C:\Users\Paul
2015-12-27 02:09 - 2015-02-28 11:20 - 00000000 ____D C:\Users\Paul\AppData\Roaming\dvdcss
2015-12-25 13:26 - 2015-09-21 14:56 - 00000000 ____D C:\Windows\Minidump
2015-12-24 07:53 - 2015-10-10 07:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\TSv
2015-12-24 07:53 - 2015-10-02 16:15 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-12-23 17:31 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-23 17:10 - 2015-07-17 16:19 - 00001908 _____ C:\Windows\diagwrn.xml
2015-12-23 17:10 - 2015-07-17 16:19 - 00001908 _____ C:\Windows\diagerr.xml
2015-12-22 19:00 - 2013-08-22 15:44 - 00681184 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-21 17:23 - 2015-01-03 18:17 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-12-19 09:31 - 2015-02-02 19:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Canon
2015-12-17 19:48 - 2015-01-24 08:39 - 00000000 ____D C:\Users\Paul\dwhelper
2015-12-16 20:17 - 2015-04-11 08:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-16 20:17 - 2013-09-30 05:00 - 00000000 ____D C:\Windows\ShellNew
2015-12-16 15:40 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-12-14 18:53 - 2015-03-15 09:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-12 10:45 - 2015-01-01 23:46 - 00000000 ____D C:\Users\Paul\AppData\Local\Packages
2015-12-07 18:37 - 2015-08-31 17:37 - 00000000 ____D C:\Users\Paul\AppData\Roaming\MyPhoneExplorer
2015-12-05 13:02 - 2015-02-01 08:53 - 00000000 ____D C:\Users\Paul\AppData\Local\Microsoft Help
2015-12-05 10:43 - 2015-08-18 16:27 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 10:43 - 2015-08-18 16:27 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-24 07:52 - 2015-12-24 07:52 - 2770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe
2015-10-02 16:03 - 2015-10-02 16:08 - 0001043 _____ () C:\Users\Paul\AppData\Roaming\burnaware.ini
2015-01-05 19:20 - 2015-04-01 17:16 - 0159200 ____T () C:\Users\Paul\AppData\Roaming\CrashRpt1402.dll
2015-10-18 12:43 - 2015-10-28 18:24 - 0000016 _____ () C:\Users\Paul\AppData\Roaming\msregsvv.dll
2015-06-28 07:57 - 2015-06-28 07:57 - 0105528 _____ (Un4seen Developments) C:\Users\Paul\AppData\Local\bass.dll
2015-12-21 19:02 - 2015-12-23 10:20 - 0005632 _____ () C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-03 18:42 - 2015-01-03 18:42 - 0000017 _____ () C:\Users\Paul\AppData\Local\resmon.resmoncfg
2015-10-18 12:43 - 2015-10-28 18:24 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-07-05 12:38 - 2015-07-05 12:38 - 0000117 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2015-10-02 16:15 - 2015-12-24 07:53 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Paul\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-30 10:05

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-12-2015
durchgeführt von Paul (2015-12-30 17:07:31)
Gestartet von C:\Users\Paul\Desktop
Windows 8.1 Pro (X64) (2015-01-01 22:46:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-50711351-3327628023-445584072-500 - Administrator - Disabled)
Gast (S-1-5-21-50711351-3327628023-445584072-501 - Limited - Disabled)
Paul (S-1-5-21-50711351-3327628023-445584072-1001 - Administrator - Enabled) => C:\Users\Paul

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7+ Taskbar Tweaker v5.1 (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\7 Taskbar Tweaker) (Version: 5.1 - RaMMicHaeL)
Ableton Live 9 Suite (HKLM\...\{11DF5764-52FF-4149-8B65-FB4D721975C9}) (Version: 9.0.0.0 - Ableton)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
ACDSee Pro 8 (64-bit) (HKLM\...\{F84CE839-8CDD-4DC1-9A05-FA93BEA8B63D}) (Version: 8.0.0.266 - ACD Systems International Inc.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
AIDA64 Engineer v5.00 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 5.00 - FinalWire Ltd.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Ample Guitar F II version 2.0.2 (HKLM-x32\...\{26ABCDDF-80B4-409D-B169-400C54E6E1C0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II Extension 1 (Both Pickup) version 2.0.2 (HKLM-x32\...\{CEFDB1D7-F4AE-42CD-A060-B923453056B0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II version 2.0.2 (HKLM-x32\...\{C5C4DE66-ACC5-4431-892B-A581516DF4DD}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar M II version 2.0.2 (HKLM-x32\...\{DBBA77E4-611C-4633-AC13-96A6598AF746}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II Extension (Neck Pickup) version 2.0.2 (HKLM-x32\...\{3758B201-9310-4492-A8FA-003C2FD6BFA9}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II version 2.0.2 (HKLM-x32\...\{5F4EB709-CBDD-4B9D-A733-5CD7FA3FF6E2}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyMP4 Blu-ray Player 6.1.30 (HKLM-x32\...\{DF8BE739-832A-482a-8C75-FB9628A6BE6E}_is1) (Version: 6.1.30 - AnyMP4 Studio)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.7.0 - CrystalIdea Software, Inc.)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version: 6.1.8.146 - ArcSoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Boilsoft Video Joiner 6.57 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version:  - Boilsoft, Inc.)
Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
Bulk Image Downloader v4.91.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version:  - Antibody Software)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Camel Audio Alchemy64 (HKLM-x32\...\Camel Audio Alchemy64) (Version: 1.25.0 - Camel Audio)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Cantabile 2.0 Lite (x64) (HKLM-x32\...\Cantabile 2.0 Lite (x64)) (Version:  - Topten Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CGS17_Setup_x64 (Version: 17.3 - Corel Corporation) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B344E0F4-3FD8-4D88-97AF-3F75033FA562}) (Version: 17.3.0.772 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.3.772 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.3.772 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CS (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - DE (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - ES (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FR (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - JP (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - NL (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - RU (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.3.0.772 - Corel Corporation)
Custom Shop version 1.6.1 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.6.1 - IK Multimedia)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15.1 - Illustrate)
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 11 - Illustrate)
DX10 (HKLM-x32\...\DX10) (Version:  - Image-Line)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West Vapor (HKLM-x32\...\East West Vapor) (Version:  - )
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
E-License Manager (Version: 1.3.0.0 - Magix) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.1.1172 - Steinberg Media Technologies GmbH)
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.1.0.224 - Best Service)
Engine 2 (Version: 2.1.0.224 - Best Service) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-620 Series Printer Uninstall (HKLM\...\EPSON XP-620 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
Everything Bundle Upgrade for SynthMaster version 3.0 (HKLM-x32\...\{8E3B1338-DC03-4C10-AB9D-BFD06DBA609D}_is1) (Version: 3.0 - KV331 Audio)
EZkeys Mellotoon 64 (HKLM\...\{EA588FDB-2CDB-4F19-BF6A-4DC6EA64D5C7}) (Version: 1.0.1 - Toontrack)
ffdshow [rev 3299] [2010-03-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.0.0.3299 - )
FL Studio 12.0.2 (HKLM\...\FL Studio 12_is1) (Version:  - )
flickr downloadr (HKLM-x32\...\flickr downloadr 2.0.0.1) (Version: 2.0.0.1 - flickrdownloadr.com)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Free Video to DVD Converter (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.71.1211 - DVDVideoSoft Ltd.)
FXpansion BFD3 (HKLM-x32\...\FXpansion BFD3) (Version: 3.0.4 - FXpansion Audio UK Ltd)
Garmin BaseCamp (HKLM-x32\...\{F7CEFC8E-591B-4F02-96AC-44972E6EAC3F}) (Version: 4.5.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NTU 2016.10 (HKLM-x32\...\{4DE11D48-DC9D-46FD-9CDA-314BFF6145AD}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.72.5234 - Gretech Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
IK Multimedia Authorization Manager version 1.0.12 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.12 - IK Multimedia)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Harmless (HKLM-x32\...\IL Harmless) (Version:  - Image-Line)
IL Harmor (HKLM-x32\...\IL Harmor) (Version:  - Image-Line)
IL Minihost Modular (HKLM-x32\...\IL Minihost Modular) (Version:  - Image-Line)
IL Ogun (HKLM-x32\...\IL Ogun) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
IL Sytrus (HKLM-x32\...\IL Sytrus) (Version:  - Image-Line)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
iZotope Iris 2 (HKLM-x32\...\iZotope Iris 2_is1) (Version: 2.01 - iZotope, Inc.)
iZotope Iris 2 Abstract Library (HKLM-x32\...\iZotope Iris 2 Abstract Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Core Library (HKLM-x32\...\iZotope Iris 2 Core Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 1 Library (HKLM-x32\...\iZotope Iris 2 Environments 1 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 2 Library (HKLM-x32\...\iZotope Iris 2 Environments 2 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 EuroRack Modular Library (HKLM-x32\...\iZotope Iris 2 EuroRack Modular Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Instruments Library (HKLM-x32\...\iZotope Iris 2 Instruments Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Objects Library (HKLM-x32\...\iZotope Iris 2 Objects Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 1 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 1 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 2 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 2 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Toys Library (HKLM-x32\...\iZotope Iris 2 Toys Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Voice Library (HKLM-x32\...\iZotope Iris 2 Voice Library_is1) (Version: 1.00 - iZotope, Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
JDownloader 0.9 (HKLM-x32\...\7289-1030-5602-7421) (Version: 0.9 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Lethality V1.1.2 Retail version 1.1.2 (HKLM-x32\...\Lethality V1.1.2 Retail_is1) (Version: 1.1.2 - )
LicensingService (x32 Version: 1.00.0000 - Corel Corporation) Hidden
LinPlug Spectral (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\LinPlug Spectral) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mp3tag v2.72 (HKLM-x32\...\Mp3tag) (Version: v2.72 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicLab RealStrat (32-bit) (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (64-bit) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (HKLM-x32\...\{87d50511-cb30-4e5d-99b4-763b91649a0b}) (Version: 3.1.0.7127 - MusicLab, Inc.)
MusicLab RealStrat Sound Bank (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab Virtual Midi Driver (64-bit) (HKLM\...\{2B019162-86C7-4D14-AED0-2CB5110BA4FF}) (Version: 2.0.2.0 - MusicLab, Inc.)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.0.1510 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.8.0.262 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.0.1498 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Komplete 9 Ultimate (HKLM-x32\...\Native Instruments Komplete 9 Ultimate) (Version:  - Native Instruments)
Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.1.451 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.0.533 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.4.0.2 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.0.725 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.1 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version:  - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version:  - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version:  - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.0.1093 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version:  - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.12 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.2 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version:  - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version:  - Native Instruments)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
OVTScanner_Vista64 (HKLM-x32\...\{AE09704D-9051-4C25-B940-77F889F0C93F}) (Version: 1.00.0000 - OVT)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.5.308.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
Pianoteq v2.2.0 (HKLM-x32\...\Pianoteq22) (Version:  - )
PicPick (HKLM-x32\...\PicPick) (Version: 4.0.7 - NGWIN)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Rainbow Folders (HKLM-x32\...\{2AEA17BA-FAB3-49D2-BB85-0669D14DC9BC}_is1) (Version: 2.05 - Piotr Chodzinski)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0024 - Realtek)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
reFX Vanguard VSTi RTAS v1.8.0 (HKLM-x32\...\reFX Vanguard_is1) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Sakura (HKLM-x32\...\Sakura) (Version:  - Image-Line)
Saleen WebDownloader (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Saleen WebDownloader) (Version:  - Saleen Software)
SampleMoog (HKLM-x32\...\{218AA20E-F016-4385-9F74-04FF8E596FB2}) (Version: 1.0.0 - IK Multimedia)
SampleTank 3 version 3.5.1 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.5.1 - IK Multimedia)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.7 - Samsung Electronics)
Schattenkopieclient (HKLM-x32\...\{23E5032B-56CA-4C19-A72E-B50161DB82CA}) (Version: 5.2.01 - Microsoft)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) <==== ACHTUNG
Steinberg Cubase 8 64bit (HKLM\...\{C806BE81-01DE-4EFA-33AC-34635B3EAB4A}) (Version: 8.0.30 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums (HKLM-x32\...\{E9BFA009-DD72-4F2A-84CB-6DF46472B563}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Virtual Guitarist Electric Edition (HKLM-x32\...\Virtual Guitarist Electric Edition) (Version:  - )
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Bass Amp Content (HKLM-x32\...\{A2FC1750-B90F-4948-9D6E-DDDA155C6EC8}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Studio Instruments 1.0 (HKLM\...\Cakewalk Studio Instruments_is1) (Version: 1.0 - Cakewalk Music Software)
SuperWave Equinoxe (Poly 20) (HKLM-x32\...\{ACE79486-860F-4413-801C-CA0115FAE1E5}) (Version: 1.0 - SuperWave)
SuperWave Equinoxe Extreme HD Edition (Poly 20) (HKLM-x32\...\{CE6B55F8-6BBE-4999-A050-E01EE5A595F7}) (Version: 1.0 - SuperWave)
SynthMaster 2.6 VST/VSTi/RTAS/AAX (x64) Software Synthesizer version 2.6.21 (HKLM\...\{724D6BD0-88D0-4354-A124-6EE4D36E9EF2}_is1) (Version: 2.6.21 - KV331 Audio)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.4.4.2 - 't Schrijverke)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB Safely Remove 5.3 (HKLM-x32\...\USB Safely Remove_is1) (Version:  - SafelyRemove.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zero-G Phaedra (HKLM-x32\...\Zero-G Phaedra) (Version:  - )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-50711351-3327628023-445584072-1001_Classes\CLSID\{E0EB4174-E066-93A6-3225-6864931E48FE}\InprocServer32 -> kein Dateipfad

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03BD76AE-D4BD-4667-9868-3E59606C7495} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4AE5DE09-2B4C-47D2-9D7F-22B377ABCE8B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.)
Task: {5C8872E1-23FB-4F68-991E-74B59545CD6A} - System32\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {630E437E-8191-44F7-AB1B-CAE6033DBEE0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {6FD07135-5765-4E81-86A6-38C2ADD08422} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-27] (Adobe Systems Incorporated)
Task: {72605418-1C56-46BF-B428-8E1B8B3920A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.)
Task: {78A71711-95D1-40A8-AE8D-C43452A7A216} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] ()
Task: {8F9410B3-0366-4AAA-9D35-97F295401A8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {93E657B7-D6CB-4697-B2D6-9825F4538387} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {9B75C5F5-351F-49DB-99A4-45502145694A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-29] (AVAST Software)
Task: {B8EFF749-F9A9-4B01-9FE1-28272FB8E0AB} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-08-26] (Samsung Electronics.)
Task: {B9082931-6747-4E43-BADA-8898A9D45DAC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BB72454D-58FF-4C3F-A767-7208AADB2C51} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe
Task: {BCD6156C-73CA-4266-8915-C5960102D453} - System32\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {F8A6BF1B-2937-497D-86AF-FDC5DC5BEF67} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-08-07] () <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{898E107E-E6C2-4FAF-8394-4AC79EF46301} /F:UpdateWORKGROUP\GIGA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{EB2F670E-4AF2-4973-ACFA-2C9D046E4278} /F:UpdateWORKGROUP\GIGA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.omniboxes.com/?type=sc&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-26 21:30 - 2015-12-26 21:30 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122601\algo.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00233680 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2015-12-30 11:23 - 2015-12-30 11:23 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\15123000\algo.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-26 07:39 - 2015-08-26 15:59 - 00019936 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\PACE:1E22FD8689209763

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-50711351-3327628023-445584072-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: USBSafelyRemoveService => 2
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "ACPW08DE"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\StartupApproved\Run: => "USB Safely Remove"
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\StartupApproved\Run: => "ACDSeeCommanderPro8"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C402BDE9-D146-4593-B71E-6597DB88A6DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{081A1586-7EBC-4E20-8CE0-C9D591DDB617}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{64FD0D2B-769B-41B5-9F1B-00D0B6E7A7D2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2873B9C9-4EBD-481A-923B-CB56E5EC83A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7C390351-7EC7-42D0-A648-2E4990846D0F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{666B6EC4-2426-4A03-83A8-3DE29FEEA817}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B73CBD24-639A-43A6-9F60-4C62004458D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF481442-1E3E-4245-B8A7-5D3B3A792EC1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{832283D8-7370-4396-91EC-BEA28D2DBFF8}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{698A8344-CE70-4C26-8751-890CEFC6A46F}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{E04B278E-90E7-4557-9B83-31A9E1A2DB56}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{EF643D95-0D91-4F98-B05B-D9D730C36333}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{C13E0A8B-2563-45D7-8610-F1CA9CF8C1DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A17806C7-3918-4538-A15D-3D841B4C5F8C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{34FCB44F-ABDC-4BB4-9DBC-16BAABE51C75}] => (Allow) LPort=51111
FirewallRules: [{3349ED7B-D65F-4062-BC5C-C7D6178712F1}] => (Allow) LPort=51112
FirewallRules: [{FAAB4CBC-E797-4766-8E78-C34C4ECA0E70}] => (Allow) LPort=51113
FirewallRules: [{49BB5F01-FC3A-4B7C-8570-9A4EB5434E1F}] => (Allow) C:\Program Files\Steinberg\Cubase 8\Cubase8.exe
FirewallRules: [TCP Query User{672B06A1-14F8-473F-BA9D-B77FAA97CF82}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{A30475B8-AADE-423D-A11F-F6C919916774}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [{1B774E39-1A95-48EE-BA43-1BC213667BAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77AB0910-214E-4889-9116-FC9F5D37CC97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F96541DB-A264-43FB-A2EC-FE4AE3ADD18A}] => (Allow) B:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{2306DD11-F455-4969-AAE4-F8FCC8561950}] => (Allow) B:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{1A3A7EAD-A309-483A-9F99-5E5242BEB57B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5A06E824-B1BE-48D4-9B8F-C379EBD1ECC3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FA547AD9-EAD6-4033-81DE-DC814778BCA0}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{6F88BEFF-279F-4A6C-86F2-5A04F834A4EB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{A6FC0F24-A917-4A30-AAD9-414C08964EC0}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{7A81241A-80D3-4522-9AD6-236F391DFAF6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{CDB78794-D701-4A0F-9124-BE8536C035BF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{6D7177B3-12F0-4BBC-9F07-E82224C2784B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/30/2015 04:26:58 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\ProgramData\Package Cache\{50a7e828-15d3-40e6-a37d-22d5c5357878}\free-driver-scout_Setup_product-website_de-DE.exe Cache\{50a7e828-15d3-40e6-a37d-22d5c5357878}\free-driver-scout_Setup_product-website_de-DE.exe"  /uninstall; Beschreibung = Free Driver Scout; Fehler = 0x80070422).

Error: (12/29/2015 05:32:45 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/28/2015 03:44:42 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/27/2015 07:30:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mstsc.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215e2b5
Name des fehlerhaften Moduls: vorbis.acm, Version: 0.0.3.6, Zeitstempel: 0x50a51541
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001f4f
ID des fehlerhaften Prozesses: 0x127c
Startzeit der fehlerhaften Anwendung: 0xmstsc.exe0
Pfad der fehlerhaften Anwendung: mstsc.exe1
Pfad des fehlerhaften Moduls: mstsc.exe2
Berichtskennung: mstsc.exe3
Vollständiger Name des fehlerhaften Pakets: mstsc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mstsc.exe5

Error: (12/26/2015 05:40:25 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/25/2015 03:11:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/25/2015 03:54:55 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (12/25/2015 03:30:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Data" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (12/24/2015 04:40:48 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Data" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (12/23/2015 05:38:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Avast.VC110.DebugCRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1".
Die abhängige Assemblierung "Avast.VC110.DebugCRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (12/30/2015 04:38:12 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:12 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:12 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:12 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:12 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:11 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:11 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:11 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:10 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/30/2015 04:38:10 PM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Prozentuale Nutzung des RAM: 12%
Installierter physikalischer RAM: 16375.42 MB
Verfügbarer physikalischer RAM: 14257.83 MB
Summe virtueller Speicher: 16575.42 MB
Verfügbarer virtueller Speicher: 14062.3 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:429.14 GB) (Free:273.83 GB) NTFS
Drive d: (Studio) (Fixed) (Total:931.51 GB) (Free:472.66 GB) NTFS
Drive e: (3TB) (Fixed) (Total:2794.39 GB) (Free:238.82 GB) NTFS
Drive f: (Seagate 2TB) (Fixed) (Total:1863.01 GB) (Free:905.89 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 7AFD0835)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=429.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 398F4B15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 210A2F21)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 31.12.2015, 02:38   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.12.2015, 05:06   #5
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.12.30.06
  rootkit: v2015.12.26.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.16659
Paul :: GIGA [administrator]

31.12.2015 05:42:54
mbar-log-2015-12-31 (05-42-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 570916
Time elapsed: 12 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Ab und zu öffnet sich in Firefox ein neuer Tab von terraclick.com
Ist von NoScript blockiert.


Alt 31.12.2015, 05:15   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> Windows8.1 yoursites123 und omniboxes in den Browsern

Alt 31.12.2015, 06:31   #7
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Code:
ATTFilter
# AdwCleaner v5.027 - Bericht erstellt am 31/12/2015 um 06:40:03
# Aktualisiert am 30/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 8.1 Pro  (x64)
# Benutzername : Paul - GIGA
# Gestartet von : C:\Users\Paul\Desktop\adwcleaner_5.027.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : SSFK
[-] Dienst Gelöscht : IhPul
[-] Dienst Gelöscht : WdMan

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\SoftwareUpdater
[-] Ordner Gelöscht : C:\Program Files\Easeware
[-] Ordner Gelöscht : C:\Program Files (x86)\SFK
[-] Ordner Gelöscht : C:\ProgramData\WWMiniProW
[-] Ordner Gelöscht : C:\Users\Paul\AppData\Local\PackageAware
[-] Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\eCyber
[-] Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\TSv
[-] Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\Easeware
[-] Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\Extensions\default_newtabff@gmail.com
[-] Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\Extensions\yahooprotected@gmail.com
[-] Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\default_newtabff@gmail.com
[#] Ordner Gelöscht : C:\Windows\SysNative\Tasks\Software Updater

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] Datei Gelöscht : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\searchplugins\omniboxes.xml

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : FreeDriverScout
[-] Geplante Aufgabe Gelöscht : Software Updater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [default_newtabff@gmail.com]
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [yahooprotected@gmail.com]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\omniboxesSoftware
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\FFPluginHp
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\TSv
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\yoursites123Software
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SAKURA
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Internetbrowser ] *****

[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "omniboxes");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "omniboxes");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.omniboxes.com/?type=hp&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "hxxp://www.yoursites123.com/newtab/?type=nt&ts=1450939994&z=6480145fdbb131a95d93927g9z0wceft0cat5t6t6c&from=wpm07173&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\prefs.js] [Preference] Gelöscht : user_pref("browser.search.hiddenOneOffs", "yoursites123");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "yoursites123");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.yoursites123.com/?type=hp&ts=1449845906&z=ca34aef73e66828b21704b9g9z9z2t1b9z8wbtdg6e&from=ient07021&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N");
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [8036 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 8.1 Pro x64 
Ran by Paul (Limited) on 31.12.2015 at  6:53:29,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Roaming\productdata (Folder) 

user_pref(browser.search.searchengine.alias, yoursites123);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.yoursites123.com/favicon.ico);
user_pref(browser.search.searchengine.name, yoursites123);
user_pref(browser.search.searchengine.ptid, wpm07173);
user_pref(browser.search.searchengine.uid, SamsungXSSDX850XPROX512GB_S250NSAG520649N);
user_pref(browser.search.searchengine.url, hxxp://www.yoursites123.com/web/?type=ds&ts=1450098383&z=56bba1aada7e979ea3353dag7z4w8e0e6t8b7c4bfw&from=wpm07173&uid=SamsungXSSD



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.12.2015 at  6:55:45,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-12-2015
durchgeführt von Paul (Administrator) auf GIGA (31-12-2015 07:00:05)
Gestartet von C:\Users\Paul\Desktop
Geladene Profile: Paul (Verfügbare Profile: Paul & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-29] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\Paul\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [380416 2015-12-04] (RaMMicHaeL)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [ACDSeeCommanderPro8] => C:\Program Files\ACD Systems\ACDSee Pro\8.0\ACDSeeCommanderPro8.exe [2141192 2015-02-15] ()
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [382976 2013-08-22] (Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\SysWOW64\mscoree.dll [330240 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-29] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AC7336B0-7DA0-41CE-8663-E97D683B24BA}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448349777&z=b1c169e85a3c40c8611f6ccg4z4z0b3c0z9t8m9m2q&from=ient07031&uid=SamsungXSSDX850XPROX512GB_S250NSAG520649N&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-29] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-29] (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-27] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-27] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-50711351-3327628023-445584072-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\searchplugins\yoursites123.xml [2015-12-24]
FF Extension: All-in-One Sidebar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-10-12]
FF Extension: Bulk Image Downloader - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2015-10-12]
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\ALone-live@ya.ru.xpi [2015-10-27]
FF Extension: NoScript - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24]
FF Extension: Image Toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{A4732521-77D9-447E-A557-B279AC923F06}.xpi [2015-11-30]
FF Extension: Status-4-Evar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\status4evar@caligonstudios.com.xpi [2015-12-08]
FF Extension: Tab Mix Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-12-27]
FF Extension: Linkification - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2015-12-28]
FF Extension: Kein Name - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\elemhidehelper@adblockplus.org.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-17]
FF Extension: Adblock Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\z6idumfm.default-1448357882933\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-14]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-29]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-29] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S4 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S4 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1666416 2014-12-25] (Crystal Rich Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-29] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 mlkumidi; C:\Windows\system32\drivers\mlkumidi.sys [55856 2014-08-30] (MusicLab, Inc.)
S3 nika6audio; C:\Windows\System32\Drivers\nika6audio.sys [365456 2015-04-01] (Native Instruments GmbH)
S3 nika6usb; C:\Windows\system32\DRIVERS\nika6usb.sys [83272 2015-04-01] (Native Instruments GmbH)
S3 OV550I; C:\Windows\System32\Drivers\ov550ivx.sys [196992 2008-02-21] (Omnivision Technologies, Inc.)
S4 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2015-02-15] (Padus, Inc.) [Datei ist nicht signiert]
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S4 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 RTHDMIAzAudService; \SystemRoot\system32\drivers\RtHDMIVX.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2060-04-01 16:08 - 2015-10-28 19:50 - 00000000 ____D C:\Users\Paul\Documents\Cubase Projects
2060-04-01 16:00 - 2060-04-01 16:00 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2060-04-01 16:00 - 2060-04-01 16:00 - 00000000 ____D C:\ProgramData\Syncrosoft
2060-04-01 16:00 - 2015-05-13 23:03 - 00000000 ____D C:\ProgramData\eLicenser
2060-04-01 16:00 - 2011-12-14 20:22 - 00030352 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\Drivers\synusb64.sys
2015-12-31 06:55 - 2015-12-31 06:55 - 00001493 _____ C:\Users\Paul\Desktop\JRT.txt
2015-12-31 06:40 - 2015-12-31 06:46 - 00007942 _____ C:\Users\Paul\Desktop\AdwCleaner[C2].txt
2015-12-31 06:30 - 2015-12-31 06:30 - 01745920 _____ C:\Users\Paul\Desktop\adwcleaner_5.027.exe
2015-12-31 06:24 - 2015-12-31 06:24 - 01599336 _____ (Malwarebytes) C:\Users\Paul\Desktop\JRT.exe
2015-12-31 05:42 - 2015-12-31 05:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-31 05:42 - 2015-12-31 05:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-31 05:42 - 2015-12-31 05:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-31 05:32 - 2015-12-31 05:32 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-31 05:31 - 2015-12-31 05:55 - 00000000 ____D C:\Users\Paul\Desktop\mbar
2015-12-31 05:26 - 2015-12-31 05:31 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Paul\Desktop\mbar-1.09.3.1001.exe
2015-12-31 03:31 - 2015-12-31 05:31 - 00000001 _____ C:\Windows\SysWOW64\de.html
2015-12-30 17:07 - 2015-12-30 18:01 - 00054230 _____ C:\Users\Paul\Desktop\Addition No2.txt
2015-12-30 16:40 - 2015-12-31 07:00 - 00022168 _____ C:\Users\Paul\Desktop\FRST.txt
2015-12-30 16:40 - 2015-12-31 06:57 - 00038659 _____ C:\Users\Paul\Desktop\FRST No2.txt
2015-12-30 11:03 - 2015-12-30 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-12-29 23:22 - 2015-12-29 23:35 - 00059405 _____ C:\Users\Paul\Desktop\Addition ALT.txt
2015-12-29 23:21 - 2015-12-29 23:33 - 00047446 _____ C:\Users\Paul\Desktop\FRST ALT.txt
2015-12-29 23:15 - 2015-12-31 06:57 - 00000000 ____D C:\FRST
2015-12-29 23:14 - 2015-12-29 23:14 - 02370560 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2015-12-29 23:10 - 2015-12-29 23:10 - 00001532 _____ C:\Users\Paul\Desktop\iexplore.exe - Verknüpfung.lnk
2015-12-29 23:09 - 2015-12-29 23:09 - 00001499 _____ C:\Users\Paul\Desktop\firefox.exe - Verknüpfung.lnk
2015-12-24 07:53 - 2015-12-24 07:53 - 00000000 ____D C:\ProgramData\gWdMg
2015-12-24 07:53 - 2015-12-24 07:53 - 00000000 ____D C:\ProgramData\eWdMe
2015-12-24 07:52 - 2015-12-24 07:52 - 02770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe
2015-12-23 09:46 - 2015-12-23 09:47 - 00000000 ____D C:\Users\Paul\AppData\Roaming\DVDVideoSoft
2015-12-23 09:46 - 2015-12-23 09:46 - 00001523 _____ C:\Users\Public\Desktop\Free Video to DVD Converter.lnk
2015-12-23 09:46 - 2015-12-23 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-12-23 09:46 - 2015-12-23 09:46 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-12-22 20:09 - 2015-12-23 13:41 - 00534871 _____ C:\Users\Paul\Desktop\DVDCover.cdr
2015-12-22 19:14 - 2015-12-23 10:25 - 00000000 ____D C:\Program Files (x86)\Boilsoft Video Cutter
2015-12-22 18:52 - 2015-12-22 18:52 - 00001171 _____ C:\Users\Public\Desktop\Boilsoft Video Splitter.lnk
2015-12-22 18:52 - 2015-12-22 18:52 - 00001129 _____ C:\Users\Public\Desktop\Boilsoft Video Joiner.lnk
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Boilsoft
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft
2015-12-22 18:52 - 2015-12-22 18:52 - 00000000 ____D C:\Program Files (x86)\Boilsoft
2015-12-22 17:39 - 2015-12-22 17:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-12-22 17:39 - 2015-12-22 17:39 - 00000000 ____D C:\Users\Paul\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-12-22 17:03 - 2015-12-22 17:03 - 00001078 _____ C:\Users\Paul\Desktop\Format Factory.lnk
2015-12-22 17:03 - 2015-12-22 17:03 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-12-22 17:03 - 2015-12-22 17:03 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2015-12-21 19:02 - 2015-12-23 10:20 - 00005632 _____ C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-21 18:56 - 2015-12-23 12:01 - 00000000 ____D C:\Avi2DVD
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\Program Files (x86)\Xvid
2015-12-21 18:25 - 2015-12-21 18:25 - 00000000 ____D C:\Program Files (x86)\ffdshow
2015-12-21 18:25 - 2010-03-03 00:00 - 00085504 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-12-21 18:25 - 2009-06-07 16:25 - 00077824 _____ C:\Windows\SysWOW64\xvid.ax
2015-12-21 18:25 - 2009-06-07 16:24 - 00180224 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-12-21 18:25 - 2009-06-07 16:16 - 00819200 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-12-21 18:24 - 2015-12-21 18:24 - 00000000 ____D C:\Program Files (x86)\Haali
2015-12-21 18:23 - 2015-12-21 18:23 - 00033019 _____ C:\Windows\SysWOW64\CoreAAC-uninstall.exe
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2015-12-21 18:23 - 2015-12-21 18:23 - 00000000 ____D C:\Program Files (x86)\AC3Filter
2015-12-21 18:23 - 2009-08-11 21:22 - 00580096 _____ C:\Windows\system32\ac3filter64.acm
2015-12-21 18:23 - 2009-08-11 21:18 - 00497664 _____ C:\Windows\SysWOW64\ac3filter.acm
2015-12-21 18:22 - 2015-12-21 19:42 - 00001002 _____ C:\Users\Paul\Desktop\Avi2Dvd.lnk
2015-12-21 18:22 - 2015-12-21 18:59 - 00000000 ____D C:\Program Files (x86)\Avi2Dvd
2015-12-21 18:22 - 2015-12-21 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avi2Dvd
2015-12-21 18:22 - 2015-12-21 18:22 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avi2Dvd
2015-12-20 10:41 - 2015-12-20 10:41 - 00000091 _____ C:\Windows\fnerr.dat
2015-12-16 20:17 - 2015-12-16 20:17 - 00000866 _____ C:\Users\Public\Desktop\Print CD.lnk
2015-12-16 20:16 - 2015-12-20 09:23 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Epson
2015-12-16 20:16 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\UDL
2015-12-16 20:16 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-12-16 19:55 - 2015-12-31 06:55 - 00000929 _____ C:\Windows\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}.job
2015-12-16 19:55 - 2015-12-16 19:55 - 00003960 _____ C:\Windows\System32\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}
2015-12-16 19:48 - 2015-12-31 06:48 - 00000929 _____ C:\Windows\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}.job
2015-12-16 19:48 - 2015-12-16 19:48 - 00003960 _____ C:\Windows\System32\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}
2015-12-16 19:48 - 2015-12-16 19:48 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-12-16 19:39 - 2015-12-16 19:39 - 00000000 ____D C:\Program Files\EpsonNet
2015-12-16 19:38 - 2015-12-16 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-16 19:38 - 2015-12-16 20:17 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2015-12-16 19:38 - 2015-12-16 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-12-16 19:38 - 2015-12-16 20:16 - 00000000 ____D C:\Program Files (x86)\epson
2015-12-16 19:38 - 2015-12-16 19:38 - 00000945 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-12-16 19:38 - 2014-02-25 00:00 - 00466944 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2015-12-16 19:38 - 2013-12-06 04:05 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBNOE.DLL
2015-12-16 19:38 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2015-12-16 19:38 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BNOE.DLL
2015-12-16 19:38 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-12-16 19:15 - 2015-12-19 09:11 - 00000000 ____D C:\ProgramData\Epson
2015-12-16 15:40 - 2015-12-31 06:40 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-14 14:07 - 2015-12-14 14:07 - 00000000 ____D C:\ProgramData\6WdM6
2015-12-14 14:06 - 2015-12-14 14:06 - 00000000 ____D C:\ProgramData\9WdM9
2015-12-11 15:59 - 2015-12-11 16:00 - 00000000 ____D C:\ProgramData\OWdMO
2015-12-05 10:43 - 2015-12-05 10:43 - 00000000 ____D C:\Program Files (x86)\GUM519E.tmp
2015-12-03 15:04 - 2015-12-03 15:04 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 15:04 - 2015-12-03 15:04 - 00000000 ____D C:\Program Files\Common Files\AV

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-31 06:50 - 2015-10-11 11:21 - 00000000 ____D C:\AdwCleaner
2015-12-31 06:49 - 2013-12-22 13:54 - 02061180 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-31 06:49 - 2013-09-30 04:58 - 00876094 _____ C:\Windows\system32\perfh007.dat
2015-12-31 06:49 - 2013-09-30 04:58 - 00200744 _____ C:\Windows\system32\perfc007.dat
2015-12-31 06:49 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-31 06:48 - 2015-08-18 16:27 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-31 06:42 - 2015-08-18 16:27 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-31 06:42 - 2015-06-21 10:05 - 00000000 ____D C:\ProgramData\PACE
2015-12-31 06:42 - 2015-01-05 18:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-31 06:42 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-31 06:42 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-31 06:41 - 2015-01-02 00:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-31 06:41 - 2013-12-22 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-31 06:40 - 2015-01-03 19:46 - 00000008 __RSH C:\Users\Paul\ntuser.pol
2015-12-31 06:40 - 2015-01-01 23:46 - 00000000 ____D C:\Users\Paul
2015-12-30 17:11 - 2015-01-01 23:51 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-50711351-3327628023-445584072-1001
2015-12-30 17:06 - 2015-01-04 12:49 - 00000000 ____D C:\Program Files\CCleaner
2015-12-30 17:04 - 2015-11-29 10:59 - 00000000 ____D C:\Users\Paul\AppData\Local\Xara
2015-12-30 16:59 - 2015-01-02 00:44 - 00000000 ____D C:\Users\Paul\AppData\Roaming\ClassicShell
2015-12-30 16:27 - 2015-01-02 00:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-30 11:03 - 2015-03-12 15:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2015-12-30 11:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-28 08:50 - 2015-01-03 17:09 - 00000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2015-12-27 19:39 - 2015-04-03 07:29 - 00002256 ____H C:\Users\Paul\Documents\Default.rdp
2015-12-27 17:33 - 2015-01-05 18:42 - 00003774 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-27 17:29 - 2015-01-04 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-27 02:09 - 2015-02-28 11:20 - 00000000 ____D C:\Users\Paul\AppData\Roaming\dvdcss
2015-12-25 13:26 - 2015-09-21 14:56 - 00000000 ____D C:\Windows\Minidump
2015-12-23 17:31 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-23 17:10 - 2015-07-17 16:19 - 00001908 _____ C:\Windows\diagwrn.xml
2015-12-23 17:10 - 2015-07-17 16:19 - 00001908 _____ C:\Windows\diagerr.xml
2015-12-22 19:00 - 2013-08-22 15:44 - 00681184 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-21 17:23 - 2015-01-03 18:17 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-12-19 09:31 - 2015-02-02 19:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Canon
2015-12-17 19:48 - 2015-01-24 08:39 - 00000000 ____D C:\Users\Paul\dwhelper
2015-12-16 20:17 - 2015-04-11 08:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-16 20:17 - 2013-09-30 05:00 - 00000000 ____D C:\Windows\ShellNew
2015-12-16 15:40 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-12-14 18:53 - 2015-03-15 09:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-12 10:45 - 2015-01-01 23:46 - 00000000 ____D C:\Users\Paul\AppData\Local\Packages
2015-12-07 18:37 - 2015-08-31 17:37 - 00000000 ____D C:\Users\Paul\AppData\Roaming\MyPhoneExplorer
2015-12-05 13:02 - 2015-02-01 08:53 - 00000000 ____D C:\Users\Paul\AppData\Local\Microsoft Help
2015-12-05 10:43 - 2015-08-18 16:27 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 10:43 - 2015-08-18 16:27 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-24 07:52 - 2015-12-24 07:52 - 2770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe
2015-10-02 16:03 - 2015-10-02 16:08 - 0001043 _____ () C:\Users\Paul\AppData\Roaming\burnaware.ini
2015-01-05 19:20 - 2015-04-01 17:16 - 0159200 ____T () C:\Users\Paul\AppData\Roaming\CrashRpt1402.dll
2015-10-18 12:43 - 2015-10-28 18:24 - 0000016 _____ () C:\Users\Paul\AppData\Roaming\msregsvv.dll
2015-06-28 07:57 - 2015-06-28 07:57 - 0105528 _____ (Un4seen Developments) C:\Users\Paul\AppData\Local\bass.dll
2015-12-21 19:02 - 2015-12-23 10:20 - 0005632 _____ () C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-03 18:42 - 2015-01-03 18:42 - 0000017 _____ () C:\Users\Paul\AppData\Local\resmon.resmoncfg
2015-10-18 12:43 - 2015-10-28 18:24 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-07-05 12:38 - 2015-07-05 12:38 - 0000117 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Paul\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Paul\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-31 04:59

==================== Ende von FRST.txt ============================
         
Habe FRST wie beim letzten Mal geöffnet, nichts verändert und auf 'untersuchen' geklickt.
Eine Addition.txt-Datei wurde dieses mal nicht automatisch erstellt und geöffnet.

Alt 31.12.2015, 06:55   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.12.2015, 07:15   #9
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Eben war das Häkchen bei "Addition.txt" beim Öffnen wieder gesetzt.
Vorhin nicht.

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-12-2015
durchgeführt von Paul (2015-12-31 07:59:31)
Gestartet von C:\Users\Paul\Desktop
Windows 8.1 Pro (X64) (2015-01-01 22:46:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-50711351-3327628023-445584072-500 - Administrator - Disabled)
Gast (S-1-5-21-50711351-3327628023-445584072-501 - Limited - Disabled)
Paul (S-1-5-21-50711351-3327628023-445584072-1001 - Administrator - Enabled) => C:\Users\Paul

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7+ Taskbar Tweaker v5.1 (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\7 Taskbar Tweaker) (Version: 5.1 - RaMMicHaeL)
Ableton Live 9 Suite (HKLM\...\{11DF5764-52FF-4149-8B65-FB4D721975C9}) (Version: 9.0.0.0 - Ableton)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
ACDSee Pro 8 (64-bit) (HKLM\...\{F84CE839-8CDD-4DC1-9A05-FA93BEA8B63D}) (Version: 8.0.0.266 - ACD Systems International Inc.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
AIDA64 Engineer v5.00 (HKLM-x32\...\AIDA64 Engineer_is1) (Version: 5.00 - FinalWire Ltd.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Ample Guitar F II version 2.0.2 (HKLM-x32\...\{26ABCDDF-80B4-409D-B169-400C54E6E1C0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II Extension 1 (Both Pickup) version 2.0.2 (HKLM-x32\...\{CEFDB1D7-F4AE-42CD-A060-B923453056B0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar G II version 2.0.2 (HKLM-x32\...\{C5C4DE66-ACC5-4431-892B-A581516DF4DD}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar M II version 2.0.2 (HKLM-x32\...\{DBBA77E4-611C-4633-AC13-96A6598AF746}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II Extension (Neck Pickup) version 2.0.2 (HKLM-x32\...\{3758B201-9310-4492-A8FA-003C2FD6BFA9}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar P II version 2.0.2 (HKLM-x32\...\{5F4EB709-CBDD-4B9D-A733-5CD7FA3FF6E2}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyMP4 Blu-ray Player 6.1.30 (HKLM-x32\...\{DF8BE739-832A-482a-8C75-FB9628A6BE6E}_is1) (Version: 6.1.30 - AnyMP4 Studio)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.7.0 - CrystalIdea Software, Inc.)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version: 6.1.8.146 - ArcSoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Boilsoft Video Joiner 6.57 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version:  - Boilsoft, Inc.)
Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
Bulk Image Downloader v4.91.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version:  - Antibody Software)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Camel Audio Alchemy64 (HKLM-x32\...\Camel Audio Alchemy64) (Version: 1.25.0 - Camel Audio)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Cantabile 2.0 Lite (x64) (HKLM-x32\...\Cantabile 2.0 Lite (x64)) (Version:  - Topten Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CGS17_Setup_x64 (Version: 17.3 - Corel Corporation) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B344E0F4-3FD8-4D88-97AF-3F75033FA562}) (Version: 17.3.0.772 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.3.772 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.3.772 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CS (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - DE (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - ES (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FR (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - JP (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - NL (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - RU (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.3.0.772 - Corel Corporation)
Custom Shop version 1.6.1 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.6.1 - IK Multimedia)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15.1 - Illustrate)
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 11 - Illustrate)
DX10 (HKLM-x32\...\DX10) (Version:  - Image-Line)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West Vapor (HKLM-x32\...\East West Vapor) (Version:  - )
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
E-License Manager (Version: 1.3.0.0 - Magix) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.1.1172 - Steinberg Media Technologies GmbH)
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.1.0.224 - Best Service)
Engine 2 (Version: 2.1.0.224 - Best Service) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-620 Series Printer Uninstall (HKLM\...\EPSON XP-620 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
Everything Bundle Upgrade for SynthMaster version 3.0 (HKLM-x32\...\{8E3B1338-DC03-4C10-AB9D-BFD06DBA609D}_is1) (Version: 3.0 - KV331 Audio)
EZkeys Mellotoon 64 (HKLM\...\{EA588FDB-2CDB-4F19-BF6A-4DC6EA64D5C7}) (Version: 1.0.1 - Toontrack)
ffdshow [rev 3299] [2010-03-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.0.0.3299 - )
FL Studio 12.0.2 (HKLM\...\FL Studio 12_is1) (Version:  - )
flickr downloadr (HKLM-x32\...\flickr downloadr 2.0.0.1) (Version: 2.0.0.1 - flickrdownloadr.com)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Free Video to DVD Converter (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.71.1211 - DVDVideoSoft Ltd.)
FXpansion BFD3 (HKLM-x32\...\FXpansion BFD3) (Version: 3.0.4 - FXpansion Audio UK Ltd)
Garmin BaseCamp (HKLM-x32\...\{F7CEFC8E-591B-4F02-96AC-44972E6EAC3F}) (Version: 4.5.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NTU 2016.10 (HKLM-x32\...\{4DE11D48-DC9D-46FD-9CDA-314BFF6145AD}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.72.5234 - Gretech Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
IK Multimedia Authorization Manager version 1.0.12 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.12 - IK Multimedia)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Harmless (HKLM-x32\...\IL Harmless) (Version:  - Image-Line)
IL Harmor (HKLM-x32\...\IL Harmor) (Version:  - Image-Line)
IL Minihost Modular (HKLM-x32\...\IL Minihost Modular) (Version:  - Image-Line)
IL Ogun (HKLM-x32\...\IL Ogun) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
IL Sytrus (HKLM-x32\...\IL Sytrus) (Version:  - Image-Line)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
iZotope Iris 2 (HKLM-x32\...\iZotope Iris 2_is1) (Version: 2.01 - iZotope, Inc.)
iZotope Iris 2 Abstract Library (HKLM-x32\...\iZotope Iris 2 Abstract Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Core Library (HKLM-x32\...\iZotope Iris 2 Core Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 1 Library (HKLM-x32\...\iZotope Iris 2 Environments 1 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Environments 2 Library (HKLM-x32\...\iZotope Iris 2 Environments 2 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 EuroRack Modular Library (HKLM-x32\...\iZotope Iris 2 EuroRack Modular Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Instruments Library (HKLM-x32\...\iZotope Iris 2 Instruments Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Objects Library (HKLM-x32\...\iZotope Iris 2 Objects Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 1 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 1 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Synthesizers 2 Library (HKLM-x32\...\iZotope Iris 2 Synthesizers 2 Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Toys Library (HKLM-x32\...\iZotope Iris 2 Toys Library_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Iris 2 Voice Library (HKLM-x32\...\iZotope Iris 2 Voice Library_is1) (Version: 1.00 - iZotope, Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
JDownloader 0.9 (HKLM-x32\...\7289-1030-5602-7421) (Version: 0.9 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Lethality V1.1.2 Retail version 1.1.2 (HKLM-x32\...\Lethality V1.1.2 Retail_is1) (Version: 1.1.2 - )
LicensingService (x32 Version: 1.00.0000 - Corel Corporation) Hidden
LinPlug Spectral (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\LinPlug Spectral) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mp3tag v2.72 (HKLM-x32\...\Mp3tag) (Version: v2.72 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicLab RealStrat (32-bit) (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (64-bit) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (HKLM-x32\...\{87d50511-cb30-4e5d-99b4-763b91649a0b}) (Version: 3.1.0.7127 - MusicLab, Inc.)
MusicLab RealStrat Sound Bank (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab Virtual Midi Driver (64-bit) (HKLM\...\{2B019162-86C7-4D14-AED0-2CB5110BA4FF}) (Version: 2.0.2.0 - MusicLab, Inc.)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.0.1510 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.8.0.262 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.0.1498 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Komplete 9 Ultimate (HKLM-x32\...\Native Instruments Komplete 9 Ultimate) (Version:  - Native Instruments)
Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.1.451 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.0.533 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.4.0.2 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.0.725 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.1 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version:  - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version:  - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version:  - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version:  - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.0.1093 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version:  - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.12 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.2 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.0.394 - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version:  - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version:  - Native Instruments)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
OVTScanner_Vista64 (HKLM-x32\...\{AE09704D-9051-4C25-B940-77F889F0C93F}) (Version: 1.00.0000 - OVT)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.5.308.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
Pianoteq v2.2.0 (HKLM-x32\...\Pianoteq22) (Version:  - )
PicPick (HKLM-x32\...\PicPick) (Version: 4.0.7 - NGWIN)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Rainbow Folders (HKLM-x32\...\{2AEA17BA-FAB3-49D2-BB85-0669D14DC9BC}_is1) (Version: 2.05 - Piotr Chodzinski)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0024 - Realtek)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
reFX Vanguard VSTi RTAS v1.8.0 (HKLM-x32\...\reFX Vanguard_is1) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Saleen WebDownloader (HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\Saleen WebDownloader) (Version:  - Saleen Software)
SampleMoog (HKLM-x32\...\{218AA20E-F016-4385-9F74-04FF8E596FB2}) (Version: 1.0.0 - IK Multimedia)
SampleTank 3 version 3.5.1 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.5.1 - IK Multimedia)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.7 - Samsung Electronics)
Schattenkopieclient (HKLM-x32\...\{23E5032B-56CA-4C19-A72E-B50161DB82CA}) (Version: 5.2.01 - Microsoft)
Steinberg Cubase 8 64bit (HKLM\...\{C806BE81-01DE-4EFA-33AC-34635B3EAB4A}) (Version: 8.0.30 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums (HKLM-x32\...\{E9BFA009-DD72-4F2A-84CB-6DF46472B563}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Virtual Guitarist Electric Edition (HKLM-x32\...\Virtual Guitarist Electric Edition) (Version:  - )
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Bass Amp Content (HKLM-x32\...\{A2FC1750-B90F-4948-9D6E-DDDA155C6EC8}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Studio Instruments 1.0 (HKLM\...\Cakewalk Studio Instruments_is1) (Version: 1.0 - Cakewalk Music Software)
SuperWave Equinoxe (Poly 20) (HKLM-x32\...\{ACE79486-860F-4413-801C-CA0115FAE1E5}) (Version: 1.0 - SuperWave)
SuperWave Equinoxe Extreme HD Edition (Poly 20) (HKLM-x32\...\{CE6B55F8-6BBE-4999-A050-E01EE5A595F7}) (Version: 1.0 - SuperWave)
SynthMaster 2.6 VST/VSTi/RTAS/AAX (x64) Software Synthesizer version 2.6.21 (HKLM\...\{724D6BD0-88D0-4354-A124-6EE4D36E9EF2}_is1) (Version: 2.6.21 - KV331 Audio)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.4.4.2 - 't Schrijverke)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
USB Safely Remove 5.3 (HKLM-x32\...\USB Safely Remove_is1) (Version:  - SafelyRemove.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zero-G Phaedra (HKLM-x32\...\Zero-G Phaedra) (Version:  - )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-50711351-3327628023-445584072-1001_Classes\CLSID\{E0EB4174-E066-93A6-3225-6864931E48FE}\InprocServer32 -> kein Dateipfad

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03BD76AE-D4BD-4667-9868-3E59606C7495} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4AE5DE09-2B4C-47D2-9D7F-22B377ABCE8B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.)
Task: {5C8872E1-23FB-4F68-991E-74B59545CD6A} - System32\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {630E437E-8191-44F7-AB1B-CAE6033DBEE0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {6FD07135-5765-4E81-86A6-38C2ADD08422} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-27] (Adobe Systems Incorporated)
Task: {72605418-1C56-46BF-B428-8E1B8B3920A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.)
Task: {78A71711-95D1-40A8-AE8D-C43452A7A216} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] ()
Task: {8F9410B3-0366-4AAA-9D35-97F295401A8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {93E657B7-D6CB-4697-B2D6-9825F4538387} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {9B75C5F5-351F-49DB-99A4-45502145694A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-29] (AVAST Software)
Task: {B8EFF749-F9A9-4B01-9FE1-28272FB8E0AB} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-08-26] (Samsung Electronics.)
Task: {B9082931-6747-4E43-BADA-8898A9D45DAC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BCD6156C-73CA-4266-8915-C5960102D453} - System32\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-620 Series Update {898E107E-E6C2-4FAF-8394-4AC79EF46301}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{898E107E-E6C2-4FAF-8394-4AC79EF46301} /F:UpdateWORKGROUP\GIGA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-620 Series Update {EB2F670E-4AF2-4973-ACFA-2C9D046E4278}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNOE.EXE:/EXE:{EB2F670E-4AF2-4973-ACFA-2C9D046E4278} /F:UpdateWORKGROUP\GIGA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-29 12:25 - 2015-11-29 12:25 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-30 19:26 - 2015-12-30 19:26 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\15123001\algo.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-12-23 09:46 - 2015-12-11 01:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-09-26 07:39 - 2015-08-26 15:59 - 00019936 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-11-29 12:25 - 2015-11-29 12:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-04 09:55 - 2015-12-27 12:16 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-04 09:55 - 2015-12-27 12:16 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\PACE:1E22FD8689209763

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-50711351-3327628023-445584072-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: USBSafelyRemoveService => 2
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "ACPW08DE"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\StartupApproved\Run: => "USB Safely Remove"
HKU\S-1-5-21-50711351-3327628023-445584072-1001\...\StartupApproved\Run: => "ACDSeeCommanderPro8"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C402BDE9-D146-4593-B71E-6597DB88A6DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{081A1586-7EBC-4E20-8CE0-C9D591DDB617}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{64FD0D2B-769B-41B5-9F1B-00D0B6E7A7D2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2873B9C9-4EBD-481A-923B-CB56E5EC83A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7C390351-7EC7-42D0-A648-2E4990846D0F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{666B6EC4-2426-4A03-83A8-3DE29FEEA817}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B73CBD24-639A-43A6-9F60-4C62004458D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF481442-1E3E-4245-B8A7-5D3B3A792EC1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{832283D8-7370-4396-91EC-BEA28D2DBFF8}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{698A8344-CE70-4C26-8751-890CEFC6A46F}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{E04B278E-90E7-4557-9B83-31A9E1A2DB56}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{EF643D95-0D91-4F98-B05B-D9D730C36333}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{C13E0A8B-2563-45D7-8610-F1CA9CF8C1DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A17806C7-3918-4538-A15D-3D841B4C5F8C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{34FCB44F-ABDC-4BB4-9DBC-16BAABE51C75}] => (Allow) LPort=51111
FirewallRules: [{3349ED7B-D65F-4062-BC5C-C7D6178712F1}] => (Allow) LPort=51112
FirewallRules: [{FAAB4CBC-E797-4766-8E78-C34C4ECA0E70}] => (Allow) LPort=51113
FirewallRules: [{49BB5F01-FC3A-4B7C-8570-9A4EB5434E1F}] => (Allow) C:\Program Files\Steinberg\Cubase 8\Cubase8.exe
FirewallRules: [TCP Query User{672B06A1-14F8-473F-BA9D-B77FAA97CF82}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{A30475B8-AADE-423D-A11F-F6C919916774}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [{1B774E39-1A95-48EE-BA43-1BC213667BAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77AB0910-214E-4889-9116-FC9F5D37CC97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F96541DB-A264-43FB-A2EC-FE4AE3ADD18A}] => (Allow) B:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{2306DD11-F455-4969-AAE4-F8FCC8561950}] => (Allow) B:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{1A3A7EAD-A309-483A-9F99-5E5242BEB57B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5A06E824-B1BE-48D4-9B8F-C379EBD1ECC3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{FA547AD9-EAD6-4033-81DE-DC814778BCA0}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{6F88BEFF-279F-4A6C-86F2-5A04F834A4EB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{A6FC0F24-A917-4A30-AAD9-414C08964EC0}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{7A81241A-80D3-4522-9AD6-236F391DFAF6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{CDB78794-D701-4A0F-9124-BE8536C035BF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{6D7177B3-12F0-4BBC-9F07-E82224C2784B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/31/2015 07:46:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Data" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (12/31/2015 06:53:29 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Paul\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).

Error: (12/31/2015 06:40:03 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/31/2015 06:40:03 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/31/2015 06:40:03 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/31/2015 06:40:03 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (12/31/2015 06:40:03 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (12/31/2015 06:40:03 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.   0xc0041801 (0xc0041801)

Error: (12/31/2015 06:40:03 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
	 0x8e5e0210 (0x8e5e0210)

Error: (12/31/2015 06:40:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (2988) Windows: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0005B.log.


Systemfehler:
=============
Error: (12/31/2015 07:47:04 AM) (Source: DCOM) (EventID: 10010) (User: Giga)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/31/2015 07:46:34 AM) (Source: DCOM) (EventID: 10010) (User: Giga)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/31/2015 07:46:04 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2015 07:46:04 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2015 07:46:04 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2015 07:46:04 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2015 07:35:55 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2015 07:35:55 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2015 07:35:55 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2015 07:35:54 AM) (Source: DCOM) (EventID: 10016) (User: Giga)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}GigaPaulS-1-5-21-50711351-3327628023-445584072-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 16375.42 MB
Verfügbarer physikalischer RAM: 14208.07 MB
Summe virtueller Speicher: 16575.42 MB
Verfügbarer virtueller Speicher: 14201.19 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:429.14 GB) (Free:273.9 GB) NTFS
Drive d: (Studio) (Fixed) (Total:931.51 GB) (Free:472.66 GB) NTFS
Drive e: (3TB) (Fixed) (Total:2794.39 GB) (Free:226.73 GB) NTFS
Drive f: (Seagate 2TB) (Fixed) (Total:1863.01 GB) (Free:898.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 7AFD0835)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=429.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 398F4B15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 210A2F21)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 31.12.2015, 07:33   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\ProgramData\gWdMg
C:\ProgramData\eWdMe
C:\Program Files (x86)\SSFK.exe
C:\ProgramData\6WdM6
C:\ProgramData\9WdM9
C:\ProgramData\OWdMO
C:\Program Files (x86)\GUM519E.tmp
folder: C:\ProgramData\PACE
hosts:
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.12.2015, 07:42   #11
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-12-2015
durchgeführt von Paul (2015-12-31 08:36:48) Run:1
Gestartet von C:\Users\Paul\Desktop
Geladene Profile: Paul (Verfügbare Profile: Paul & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\ProgramData\gWdMg
C:\ProgramData\eWdMe
C:\Program Files (x86)\SSFK.exe
C:\ProgramData\6WdM6
C:\ProgramData\9WdM9
C:\ProgramData\OWdMO
C:\Program Files (x86)\GUM519E.tmp
folder: C:\ProgramData\PACE
hosts:
emptytemp:
*****************

C:\ProgramData\gWdMg => erfolgreich verschoben
C:\ProgramData\eWdMe => erfolgreich verschoben
C:\Program Files (x86)\SSFK.exe => erfolgreich verschoben
C:\ProgramData\6WdM6 => erfolgreich verschoben
C:\ProgramData\9WdM9 => erfolgreich verschoben
C:\ProgramData\OWdMO => erfolgreich verschoben
C:\Program Files (x86)\GUM519E.tmp => erfolgreich verschoben

========================= folder: C:\ProgramData\PACE ========================

2015-06-21 10:05 - 2015-10-16 17:13 - 0000000 ____D () C:\ProgramData\PACE\Eden
2015-06-21 10:05 - 2015-10-16 17:13 - 2971648 _____ () C:\ProgramData\PACE\Eden\com.paceap.eden.clientdb.v1.01.sdb
2015-06-21 10:05 - 2015-06-21 10:05 - 0000000 ____D () C:\ProgramData\PACE\Eden\LdLogs

====== Ende von Folder: ======

Hosts erfolgreich wiederhergestellt.
EmptyTemp: => 64.6 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 08:36:52 ====
         

Alt 31.12.2015, 07:59   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.12.2015, 10:26   #13
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



MBAM hatte auch 11 Bedrohungen gefunden.
Die waren aber alle schon in Quarantäne.
Hab sie jetzt wie gewünscht entfernen lassen.

Mein "Desktop anzeigen" Button öffnet jetzt den Windows Explorer.
Das krieg ich aber wieder hin.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 31.12.2015
Suchlaufzeit: 09:15
Protokolldatei: MBAM SVP.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.31.02
Rootkit-Datenbank: v2015.12.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Paul

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 569808
Abgelaufene Zeit: 5 Min., 54 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0591c6c2c4d27e4b9c012feef557777f
# end=init
# utc_time=2015-12-31 08:35:38
# local_time=2015-12-31 09:35:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27435
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0591c6c2c4d27e4b9c012feef557777f
# end=updated
# utc_time=2015-12-31 08:39:53
# local_time=2015-12-31 09:39:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0591c6c2c4d27e4b9c012feef557777f
# engine=27435
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-31 09:39:00
# local_time=2015-12-31 10:39:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 81 751130 25150842 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8007945 76436033 0 0
# scanned=491858
# found=12
# cleaned=0
# scan_time=3546
sh=FB278069B27A922E0C72B2D7D290C46C72AB6CEF ft=1 fh=7f235e12d9f33bd7 vn="Variante von Win32/ELEX.GN evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SSFK.exe.vir"
sh=25E1356A44D1C73C8BA0CC980520EAA2F85B4775 ft=1 fh=c71c0011f562fe5a vn="Variante von Win32/ELEX.FF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\1WdsManPro1\WdsManPro.exe.vir"
sh=B351CECA401996376FF3FD52DBA772C9A0C1F893 ft=1 fh=c71c00118794ff6c vn="Variante von Win32/ELEX.FR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WWdsManProW\mitest\anyud.exe.vir"
sh=435DBC96AC5B690B8BC0B6EB5A5BE09F7539AA3A ft=1 fh=8c6f533e19abbbd5 vn="Variante von Win32/ELEX.GG evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WWMiniProW\mitest\anyud.exe.vir"
sh=25A789BFC199A9C84F95079EE940BBD5C78CB4EC ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\inhalt von z40a11nl.default-1444557828480 24-11-15\Extensions\yahooprotected@gmail.com\chrome\content\jquery-2.1.0.min.js.vir"
sh=D360CF9792F12E63E6AF9CB246CB903E4382E04C ft=1 fh=f9fe14675eaa45ae vn="Variante von Win32/ELEX.GE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Paul\AppData\Roaming\TSv\TSvr.exe.vir"
sh=973E3BC22DE2AA08EE87C9D43627BAAA51611C15 ft=1 fh=d5b4c3b797efb3d9 vn="Variante von Win32/ELEX.GG evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\SSFK.exe.xBAD"
sh=B594D783E253103F90B2E27D5656FECADABB9439 ft=1 fh=c71c0011759a5db4 vn="Variante von Win32/ELEX.GG evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\6WdM6\WdMan.exe"
sh=B594D783E253103F90B2E27D5656FECADABB9439 ft=1 fh=c71c0011759a5db4 vn="Variante von Win32/ELEX.GG evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\9WdM9\WdMan.exe"
sh=B594D783E253103F90B2E27D5656FECADABB9439 ft=1 fh=c71c0011759a5db4 vn="Variante von Win32/ELEX.GG evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\eWdMe\WdMan.exe"
sh=B594D783E253103F90B2E27D5656FECADABB9439 ft=1 fh=c71c0011759a5db4 vn="Variante von Win32/ELEX.GG evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\gWdMg\WdMan.exe"
sh=B594D783E253103F90B2E27D5656FECADABB9439 ft=1 fh=c71c0011759a5db4 vn="Variante von Win32/ELEX.GG evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\OWdMO\WdMan.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	20.0.0.235  
 Mozilla Firefox (43.0.3) 
 Mozilla Thunderbird (38.5.0) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Alt 31.12.2015, 10:36   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Wieso läuft bei dir das Sicherheitscenter von Windows nicht? Prüf das mal bitte!

Und Java deinstallieren, dieses Zeugs wird im Prinzip nicht mehr gebraucht.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.12.2015, 10:58   #15
paulmueck
 
Windows8.1 yoursites123 und omniboxes in den Browsern - Standard

Windows8.1 yoursites123 und omniboxes in den Browsern



Jetzt läuft's.
SmartScreen ist deaktiviert.

Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	20.0.0.235  
 Mozilla Firefox (43.0.3) 
 Mozilla Thunderbird (38.5.0) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Soll ich das hier nehmen, um Java zu entfernen?:
HTML-Code:
hxxp://filepony.de/download-javara/get-mirror-server.html

Antwort

Themen zu Windows8.1 yoursites123 und omniboxes in den Browsern
antivirus, browser, cubase, dnsapi.dll, downloader, firefox, flash player, format, google, helper, homepage, iexplore.exe, installation, launch, logfile, mozilla, proxy, prozesse, registry, scan, security, software, spark, srtasks.exe, system, udp, usb, vista, windows, windows xp



Ähnliche Themen: Windows8.1 yoursites123 und omniboxes in den Browsern


  1. Browser Hijacker yoursites123.com - wie entfernen?
    Log-Analyse und Auswertung - 19.01.2016 (18)
  2. YourSites123 redirect entfernen
    Anleitungen, FAQs & Links - 07.12.2015 (2)
  3. YourSites123.com entfernen
    Anleitungen, FAQs & Links - 06.12.2015 (2)
  4. omniboxes Virus
    Plagegeister aller Art und deren Bekämpfung - 29.07.2015 (23)
  5. Windows8 und DHL-Phishing-Mail geöffnet. Was nun?
    Plagegeister aller Art und deren Bekämpfung - 02.06.2015 (3)
  6. Windows8 Polizei Info
    Log-Analyse und Auswertung - 20.04.2015 (8)
  7. Windows8: permanente Virenfunde
    Log-Analyse und Auswertung - 13.04.2015 (7)
  8. Adware Probleme Browser öffnet mit Omniboxes
    Log-Analyse und Auswertung - 02.03.2015 (11)
  9. Roll Around unerwünschte Browserwerbung Windows8
    Plagegeister aller Art und deren Bekämpfung - 23.02.2015 (9)
  10. omniboxes.com entfernen
    Anleitungen, FAQs & Links - 09.02.2015 (2)
  11. Bundestrojaner - spanische Version - Windows8
    Plagegeister aller Art und deren Bekämpfung - 05.10.2014 (1)
  12. Trojana Windows8 SpeedupmyPC2014
    Log-Analyse und Auswertung - 28.08.2014 (3)
  13. Windows8 TR/Badur.iiop.7
    Log-Analyse und Auswertung - 12.07.2014 (9)
  14. Windows8 von externer Festplatte wiederherstellen
    Alles rund um Windows - 09.09.2013 (3)
  15. GVU Trojaner 2013 unter Windows8
    Plagegeister aller Art und deren Bekämpfung - 13.07.2013 (2)
  16. GVU Trojaner auf Windows8
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (17)
  17. 2x GVU Trojaner 2013 unter Windows8
    Mülltonne - 17.05.2013 (0)

Zum Thema Windows8.1 yoursites123 und omniboxes in den Browsern - Hallo, im Firefox hatte sich "123search" bzw. "yoursites123" eingenistet. Habe damit verbundene Programme gesucht und deinstalliert. Die Firefox-Verknüpfung war auch verändert. Die habe ich gelöscht. Eine neue Verknüpfung wurde wieder - Windows8.1 yoursites123 und omniboxes in den Browsern...
Archiv
Du betrachtest: Windows8.1 yoursites123 und omniboxes in den Browsern auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.