addition.txt. Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by Admin at 2014-09-29 13:00:01
Running from \\zentrale\software\Malware
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ALL16820x Utility (HKLM-x32\...\{BE6DF37F-8D64-4CAA-8028-3671FDAA94DF}) (Version: 3.0.902 - ALLNET GmbH)
Allway Sync version 14.2.1 (HKLM-x32\...\Allway Sync_is1) (Version: - Botkind Inc)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudioGenie (HKLM-x32\...\AudioGenie_is1) (Version: - msi, Inc.)
Auerswald COMfortel Melody 1.3.0 (HKLM-x32\...\{527BB01E-3067-4608-BF7F-EFEF0920C203}) (Version: 1.3.0 - Auerswald GmbH & Co.KG)
Auerswald COMfortel Set 3.4.00 (HKLM-x32\...\{CF833168-AF32-4254-9751-BF91C0570828}) (Version: 3.4.00 - Auerswald GmbH & Co.KG)
Auerswald COMlist 2.5.2 (HKLM-x32\...\{F7B74F3E-8B6C-4826-802E-B907BAAE4E4B}) (Version: 2.5.2 - Auerswald GmbH & Co.KG)
Auerswald COMset 2.7.2 (HKLM-x32\...\{B1D2A138-D53E-4D3F-B547-EA2277007746}) (Version: 2.7.2 - Auerswald GmbH & Co.KG)
Auerswald COMtools 2.3.2 (HKLM-x32\...\{CEDE5E8A-37C3-40C7-8F9C-7D0E70DA0C9E}) (Version: 2.3.2 - Auerswald GmbH & Co.KG)
Auerswald Mult-Core Patch (HKLM-x32\...\{16F8DE17-DC0B-4D03-AF06-90AE05B3D34E}) (Version: 1.0.0 - Auerswald GmbH & Co KG)
Auerswald SoftLCR 3.4.2 (HKLM-x32\...\{CD7DCE24-598D-49BF-A7AE-A019F9804A84}) (Version: 3.4.2 - Auerswald GmbH & Co.KG)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.174.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.53.0004 - Brother)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.20.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.20.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.20.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debug Diagnostics 2 Update 1 (HKLM\...\{7A94F4D3-AC7B-48EB-866E-BBA62AEFFA4A}) (Version: 2.1.0.7 - Microsoft Corporation)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI)
EasyViewer (x32 Version: 1.3.0.9 - MSI) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Feuerwehrverwaltung FWVV 20.0 (HKLM-x32\...\FWVV_is1) (Version: 20.0 - UH-SOFTWARE)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FM PDF To JPG Converter Free 2.5 (HKLM-x32\...\FM PDF To JPG Converter Free_is1) (Version: 2.5 - )
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free MP4 Video Converter version 5.0.36.319 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.36.319 - DVDVideoSoft Ltd.)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.0.1029 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.30.319 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.30.319 - DVDVideoSoft Ltd.)
FRITZ!Powerline (HKLM-x32\...\{F88975C1-C182-4A51-BEDE-E333AB89F5D4}) (Version: 01.00.57 - AVM Berlin)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
GPL Ghostscript 8.71 Lite (HKLM-x32\...\GPL Ghostscript 8.71 Lite_is1) (Version: 8.71 - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HDR projects elements (64-Bit) (HKLM\...\HDR projects elements_is1) (Version: 1.22 - Franzis Verlag GmbH)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{F9384F65-8BCA-46FA-ABD0-6C7CD31D267F}) (Version: 3.0.42.1767 - Intel)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
ISO Workshop 4.3 (HKLM-x32\...\ISO Workshop_is1) (Version: - Glorylogic)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JRE 1.6.1 (HKLM-x32\...\{B256C380-AC47-4681-8342-7F42E4F0F434}) (Version: 1.6.1 - Auerswald GmbH & Co.KG)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
M3U-List Creator V1.3 (HKLM-x32\...\M3U-List Creator V1.3_is1) (Version: - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Motorola Pager Programmiersoftware (HKLM-x32\...\{E5C1617B-4BB9-45F6-A669-189089D1FF80}) (Version: 2.00.0021 - Oelmann Elektronik GmbH)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.009 - MSI)
MSI SUITE (HKLM-x32\...\{1F025E3A-3074-48A3-A8F3-78E735739491}_is1) (Version: 1.0.036 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PC Auto Backup (HKLM-x32\...\InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}) (Version: 1.1.1.21 - Samsung Electronics Co,. Ltd.)
PC Auto Backup (x32 Version: 1.1.1.21 - Samsung Electronics Co,. Ltd.) Hidden
Philips Channel Editor (HKLM-x32\...\{A33473C4-3AD5-449B-9EF5-CD45D0048BCC}) (Version: 3.2.30 - Philips)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerLine Utility (HKLM-x32\...\{82AF9E7C-B592-44BB-914E-EC7653889058}) (Version: 2.0.1446 - TP-LINK)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 1.1.0.06280 - QNAP Systems, Inc.)
QNAP NetBak Replicator (HKLM-x32\...\NetBak) (Version: 4.3.2.0611 - QNAP Systems, Inc.)
QNAP Qget (HKLM-x32\...\Qget) (Version: 3.1.4.1125 - QNAP Systems, Inc.)
QNAP Qsync (HKLM-x32\...\Qsync) (Version: 1.3.0.0702 - QNAP Systems, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
ROCCAT Kone Mouse Driver (HKLM-x32\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version: 1.0 - ROCCAT)
ROCCAT Power-Grid Version 0.459 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
RW_Tools V4 (HKCU\...\RW_Tools V4) (Version: - )
Samsung i-Launcher 1.0.1.54 (HKLM-x32\...\Samsung i-Launcher) (Version: 1.0.1.54 - Samsung Electronics Co., Ltd.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STRATO HiDrive (remove only) (HKLM-x32\...\STRATO HiDrive) (Version: - STRATO AG)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.03 - Creative Technology Limited)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Train Simulator 2013 (HKLM-x32\...\Steam App 24010) (Version: - RailSimulator.com)
TSDoctor (HKLM-x32\...\{41472BA5-E017-4413-BA13-67FF9DDAADEB}) (Version: 1.2.134 - Cypheros)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
UKTS Freeware Pack - Blocks-Lofts-Bridges #1 (HKLM-x32\...\{07BB63A6-188D-4447-A0B6-8ED8B2075B81}) (Version: 1.0.9 - UKTrainSim)
UKTS Freeware Pack - Clutter #1 (HKLM-x32\...\{F355333F-795E-4593-ACAA-5C0F9D719D49}) (Version: 1.0.6 - UKTrainSim)
UKTS Freeware Pack - Commercial #1 (HKLM-x32\...\{64C9CBEC-1260-44F1-9304-F0CF9EFF9951}) (Version: 1.0.3 - UKTrainSim)
UKTS Freeware Pack - Foliage #1 (HKLM-x32\...\{E7B3D305-0229-4720-81A5-811E2E23DE43}) (Version: 1.0.2 - UKTrainSim)
UKTS Freeware Pack - Housing #1 (HKLM-x32\...\{AAEA1063-229A-406B-9962-864AEFBBD82F}) (Version: 1.1.1 - UKTrainSim)
UKTS Freeware Pack - Industrial #1 (HKLM-x32\...\{B19E2B7A-745D-4B67-B21B-C97F727F3923}) (Version: 1.0.3 - UKTrainSim)
UKTS Freeware Pack - Railway Buildings #1 (HKLM-x32\...\{13969A12-BC34-42DB-906D-D55FA9675EC2}) (Version: 1.0.4 - UKTrainSim)
UKTS Freeware Pack - UK Wagons #1 (HKLM-x32\...\{2CEDFC42-C1AC-443D-A11D-4BA201CC2C84}) (Version: 1.1.3 - UKTrainSim)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.125 - MSI)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.10.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WISO Einliegerwohnung (HKLM-x32\...\WISO Einliegerwohnung) (Version: - Buhl Data Service GmbH)
WISO Einliegerwohnung (x32 Version: 3.0.1.83 - Buhl) Hidden
WISO Hausverwalter 2012 (HKLM-x32\...\{642308AE-ADD6-4046-8CA5-7B93B6C51913}) (Version: 6.00.7549 - Buhl Data Service GmbH)
WISO Hausverwalter 2013 (HKLM-x32\...\{BAA9D87C-DA6A-48D0-BC07-135E5B2DE5A2}) (Version: 7.00.7718 - Buhl Data Service GmbH)
WISO Hausverwalter 2014 (HKLM-x32\...\{F7DA791F-5149-4520-92F9-69379E72436F}) (Version: 8.00.8332 - Buhl Data Service GmbH)
WISO Hausverwalter 2015 (HKLM-x32\...\{E821384E-D24C-4316-9D86-872F95ED92F0}) (Version: 9.00.8468 - Buhl Data Service GmbH)
XBMC (HKCU\...\XBMC) (Version: - Team XBMC)
X-Lite 4 (HKLM-x32\...\{E2429B81-5993-4C86-AF2E-51AB2377A9E9}) (Version: 45.6.9607 - CounterPath Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F799383-9468-D082-D503-08EE85889A47} No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5EAB88C9-9468-D082-9F18-DAAF85889A47} No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Frank_000\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2108137100-1421275735-2102073434-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
09-09-2014 13:07:46 Geplanter Prüfpunkt
17-09-2014 08:02:28 Geplanter Prüfpunkt
24-09-2014 13:11:16 Windows Update
28-09-2014 14:22:16 Installed VG JPEG-Repair Online
29-09-2014 07:42:47 2014-09-29
29-09-2014 08:03:50 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BB8828A-1677-4C10-A9C2-6546485C4FA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)
Task: {1E8805CA-4FA2-4B1F-915E-4C127E89602C} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {243DADD5-D910-41AE-82D4-60EC90A41BB0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {272E98C3-DF25-46D5-8A03-BBC7E57A4E79} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37570C31-44FC-4EFE-B8CB-8834A82D5B33} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-11] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41B8BFEC-241C-4AD4-9586-EF983BAA7E76} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {55DD7B0D-0615-42E7-9AFF-474F4858D539} - System32\Tasks\2BrightSparks\SyncBackFree\OSTERWELLE-Frank_000\SyncBackFree sicherung usb stick => d:\SyncBackFree\SyncBackFree.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {88EB5912-7EBE-4D5B-A4C8-4FD3CF133A29} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8ED54AAB-E96A-4821-9C27-012F641D9A04} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2108137100-1421275735-2102073434-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {8FFE6B6F-7508-4FE3-8FAD-6DE8A25E396B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {956046F6-0915-4501-AA3B-E09E58CBF056} - System32\Tasks\NetBak-Osterwelle-Admin-AutoStartup => D:\QNAP\NetBak\NetBak.exe [2014-06-11] (QNAP Systems, Inc.)
Task: {982C67A7-7D09-406D-B62D-7332BC1FB81E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B22A094D-2AA0-4012-9E48-51050093F9EE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {C8FF2B03-A730-411F-9380-47808D60FDA0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF6F3A46-7655-46F7-A27B-1C883B5B443B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F5C812D2-0BC5-4A5A-831D-6103433C7AC1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for OSTERWELLE-Frank_000 Osterwelle => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-25] (Microsoft Corporation)
Task: {F84F68AF-95A4-4A7B-BBF6-399533143C9D} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {F9D007C8-2904-4793-BAC8-378A01530E31} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {FF0ED3E9-ACFC-4C8A-8CBE-25877990727D} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2014-01-28] (Abelssoft)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-10 17:13 - 2013-10-17 17:32 - 00020472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-04-16 15:45 - 2014-06-24 12:04 - 00182784 _____ () d:\Allway Sync\Bin\SyncService.exe
2013-09-02 15:10 - 2014-02-19 14:49 - 00099328 ____N () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2014-03-25 09:39 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-10-22 11:55 - 2012-10-22 11:55 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-10-22 11:55 - 2012-10-22 11:55 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2010-09-03 13:11 - 2010-09-03 13:11 - 00520295 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
2014-04-29 10:33 - 2014-04-29 10:33 - 00297680 _____ () D:\QNAP\Qsync\QsyncExt.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () D:\FileZilla FTP Client\fzshellext_64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-03-11 13:07 - 2010-05-04 12:00 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-07-21 10:28 - 2014-06-26 09:52 - 00094416 _____ () D:\Allway Sync\Bin\syncappw.exe
2014-09-09 17:33 - 2014-09-09 17:33 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-08-13 16:54 - 2014-01-28 17:33 - 00019744 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2014-08-13 16:54 - 2014-01-28 17:33 - 00014112 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-09-04 08:38 - 2005-07-18 13:43 - 00160256 _____ () C:\MSI\Live Update\unrar.dll
2010-04-30 14:02 - 2010-04-30 14:02 - 00057344 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\lang.dll
2014-06-20 10:26 - 2014-09-25 08:49 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00098816 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32api.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00110080 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pywintypes27.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00364544 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pythoncom27.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00045568 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_socket.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 01160704 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_ssl.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00320512 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32com.shell.shell.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00713216 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_hashlib.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 01175040 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._core_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00805888 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._gdi_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00811008 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._windows_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 01062400 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._controls_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00735232 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._misc_.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00128512 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_elementtree.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00127488 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pyexpat.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00557056 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\pysqlite2._sqlite.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00007168 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\hashobjs_ext.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00087552 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_ctypes.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00119808 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32file.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00108544 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32security.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00018432 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32event.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00038912 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32inet.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00070656 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._html2.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00167936 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32gui.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00011264 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32crypt.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00027136 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\_multiprocessing.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00686080 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\unicodedata.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00122368 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._wizard.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00010240 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\select.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00024064 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32pipe.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00025600 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32pdh.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00525640 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\windows._lib_cacheinvalidation.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00035840 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32process.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00017408 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32profile.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00022528 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\win32ts.pyd
2014-09-29 12:28 - 2014-09-29 12:28 - 00078336 _____ () C:\Users\Frank_000\AppData\Local\Temp\_MEI55924\wx._animate.pyd
2014-07-21 10:28 - 2014-06-24 12:04 - 08567808 _____ () D:\Allway Sync\Bin\syncapp.dll
2014-06-20 10:25 - 2014-09-25 08:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-08-28 11:24 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-29 12:28 - 2014-09-29 12:28 - 00043008 _____ () c:\Users\Frank_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnoafiu.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Frank_000\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00151552 _____ () D:\QNAP\Qsync\IOTCAPIs.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00086016 _____ () D:\QNAP\Qsync\P2PTunnelAPIs.dll
2014-06-18 10:44 - 2014-06-18 10:44 - 00116224 _____ () D:\QNAP\Qsync\RdiffDll.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00098304 _____ () D:\QNAP\Qsync\RDTAPIs.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 00093192 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avpapplication.dll
2014-09-06 18:44 - 2014-09-06 18:44 - 00035328 _____ () D:\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () D:\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () D:\FileZilla FTP Client\libstdc++-6.dll
2014-09-25 09:08 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 09:08 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 09:08 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 09:08 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 09:08 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 09:08 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
2014-08-05 13:44 - 2014-08-05 13:44 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Frank_000\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Frank_000\Desktop\1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Frank_000\Desktop\1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Frank_000\Desktop\2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Frank_000\Desktop\2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: MSI_FastBoot => 2
HKLM\...\StartupApproved\StartupFolder: => "iSCTsysTray.lnk"
HKLM\...\StartupApproved\Run32: => "Live Update 5"
========================= Accounts: ==========================
Admin (S-1-5-21-2108137100-1421275735-2102073434-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2108137100-1421275735-2102073434-500 - Administrator - Disabled)
Frank_000 (S-1-5-21-2108137100-1421275735-2102073434-1002 - Limited - Enabled) => C:\Users\Frank_000
Gast (S-1-5-21-2108137100-1421275735-2102073434-501 - Limited - Disabled)
Tanja (S-1-5-21-2108137100-1421275735-2102073434-1005 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (09/29/2014 00:52:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (09/29/2014 00:52:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 112.
Error: (09/29/2014 00:50:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (09/29/2014 00:50:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 112.
Error: (09/29/2014 00:26:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bing Desktop Update service erreicht.
Error: (09/29/2014 00:24:39 PM) (Source: DCOM) (EventID: 10010) (User: Osterwelle)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}
Error: (09/29/2014 00:24:09 PM) (Source: DCOM) (EventID: 10010) (User: Osterwelle)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-02-07 12:06:31.113
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fus2base.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-07 09:42:37.246
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fus2base.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-07 09:42:34.811
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avmcowan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-06 11:45:28.762
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\fus2base.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-06 11:45:26.405
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avmcowan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-06 11:44:02.380
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-06 11:44:02.357
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-06 11:44:02.257
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-06 11:44:02.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-06 11:44:02.222
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 39%
Total physical RAM: 8141.68 MB
Available physical RAM: 4950.55 MB
Total Pagefile: 9421.68 MB
Available Pagefile: 4999.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (SSD) (Fixed) (Total:111.45 GB) (Free:19.73 GB) NTFS
Drive d: (SATA) (Fixed) (Total:233.76 GB) (Free:142.95 GB) NTFS
Drive i: (Sicherungsplatte) (Fixed) (Total:233.76 GB) (Free:56.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: BD3ADAC5)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233.8 GB) (Disk ID: 71AC5D87)
Partition 1: (Active) - (Size=233.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 233.8 GB) (Disk ID: F741A295)
Partition 1: (Not Active) - (Size=233.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GELÖST
MBAM (als Admin laufen lassen) hatte noch zweimal was gefunden und danach war es gut.
DANKE für die Mühe
:party: |
SecurityCheck und:
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
