Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
fremder Zugriff auf AOL-Mail

fremder Zugriff auf AOL-Mail


Plagegeister aller Art und deren Bekämpfung: fremder Zugriff auf AOL-Mail

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.12.2014, 19:11   #1
MrOxpar
 
fremder Zugriff auf AOL-Mail - Frage

fremder Zugriff auf AOL-Mail


Hallo,

vom AOL-Account meines Vaters wurden heute Nachmittag Mails mit Anhang versendet, die Mails von heute Nachmittag gingen an sein komplettes Adressbuch.

Er hat mich vor ca einer halben Stunde angerufen und mich darüber informiert, ich habe dann versucht mich einzuloggen wurde aber darauf hingewiesen dass der Account wegen ungewöhnlichen Aktivitäten gesperrt wurde.

Nachdem ich das Passwort von meinem Laptop aus geändert habe und in den "versendet" Ordner geschaut habe, konnte ich nur von 14:23-14:27 Spammails finden, danach wurde der Account wohl von AOL gesperrt. Jetzt gerade habe ich mich nochmal bei ihm eingeloggt und musste sehen dass ab 18:32 (1Minute nachdem ich das PW geändert habe) schon wieder Spammails verschickt wurden. Diesmal gingen alle an polnische Adressen (alle starten mit info@..., also wahrscheinlich Firmen?) und in sein Adressbuch wurden hunderte Mailadressen aus Polen hinzugefügt.

Ein Scan mit MBAM hat nach seinen Aussagen keine Treffer ergeben, selber kann ich leider nichts machen, da ich ein paar Fahrstunden von ihm entfernt wohne. Das selbe Problem (mit gleichem Ablauf) hatte ich auch schon mit dem Mail-Account meines Bruders vor 4 bzw. 1Monat, damals war nach 2-3mal pw ändern Ruhe, ein Virenscan mit MBAM bzw. Kaspersky brachte damals keine Treffer.

Was mich am meisten verwirrt, dass die anderen Personen bereits wenige Sekunden nachdem ich das Passwort geändert habe, schon wieder auf den Account zugreifen können. Obwohl die Änderung von meinem Laptop stattfindet, mit dem ich bisher nicht auf das AOL-Konto meines Vaters/Bruders zugegriffen habe.

Mfg Sebastian

Kurz zusammengefasst:
14:23 Spammails an Adressbuch
14:27 Sperrung durch AOL?
18:31 Entsperrung und Passwortänderung
18:32 201 Spammails an polnische "info@"-Adressen
18:59 Erneute Passwortänderung, bis jetzt nichts neues im "versendet"-Ordner

Alt 18.12.2014, 19:22   #2
schrauber
/// the machine
/// TB-Ausbilder
 
fremder Zugriff auf AOL-Mail - Standard

fremder Zugriff auf AOL-Mail


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 18.12.2014, 19:25   #3
MrOxpar
 
fremder Zugriff auf AOL-Mail - Standard

fremder Zugriff auf AOL-Mail


Den Scan kann ich leider erst durchführen wenn ich das nächste mal zu Besuch bei meinen Eltern bin, oder meinst du ein Scan von meinem Laptop auf dem ich das Passwort heute geändert habe wäre schon hilfreich?

Ich habe diesen Thread eigentlich in der Hoffnung eröffnet, dass jemand eine Idee hat wie jemand das Passwort wenige Sekunden nachdem ich es auf meinem Laptop geändert habe bereits wieder in Erfahrung hat

Hier schonmal die Files von meinem Laptop:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Thumb (administrator) on THUMB-PC on 18-12-2014 19:37:30
Running from C:\Users\Thumb\Downloads
Loaded Profile: Thumb (Available profiles: Thumb)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Users\Thumb\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Infix Technologies) D:\PingGraph\PingGraph.exe
(Valve Corporation) D:\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) D:\Battle.net\Battle.net.5383\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
() D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12448872 2012-02-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [60640 2014-08-28] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\Run: [Spotify Web Helper] => C:\Users\Thumb\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-23] (Spotify Ltd)
HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\Run: [DAEMON Tools Lite] => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\Run: [SkyDrive] => C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-10-16] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk
ShortcutTarget: HDDHealth.lnk -> D:\HDD Health\hddhealth.exe (No File)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3299148911-394690415-2075085385-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3299148911-394690415-2075085385-1000 -> DefaultScope {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/mcpatcherpro/{F09CFD75-57D2-495B-AA8A-D9B64AFD437D}?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3299148911-394690415-2075085385-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-3299148911-394690415-2075085385-1000 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/mcpatcherpro/{F09CFD75-57D2-495B-AA8A-D9B64AFD437D}?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Thumb\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3299148911-394690415-2075085385-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} [2014-06-20]

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-11-12]
CHR Extension: (Google*Übersetzer) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-08-21]
CHR Extension: (BetterTTV) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-02-09]
CHR Extension: (Google Docs) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-09]
CHR Extension: (Google Drive) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-09]
CHR Extension: (Google-Suche) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-09]
CHR Extension: (AdBlock) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-09]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-04-09]
CHR Extension: (Google Wallet) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-09]
CHR Extension: (Google Mail) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-09]
CHR Extension: (Abstract-Blue) - C:\Users\Thumb\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2014-02-09]
CHR HKLM-x32\...\Chrome\Extension: [khialnikbocfgkohdegnebhmmaifoglp] - C:\Program Files (x86)\LyricsMonkey\Chrome.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-13] () [File not signed]
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1579936 2014-05-17] (Echobit LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-01] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-08] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-12-21] (Echobit, LLC)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 19:37 - 2014-12-18 19:37 - 00021735 _____ () C:\Users\Thumb\Downloads\FRST.txt
2014-12-18 19:37 - 2014-12-18 19:37 - 00000000 ____D () C:\FRST
2014-12-18 19:27 - 2014-12-18 19:27 - 02121216 _____ (Farbar) C:\Users\Thumb\Downloads\FRST64.exe
2014-12-18 14:54 - 2014-12-18 14:54 - 00000000 ___RD () C:\Users\Thumb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-17 16:38 - 2014-12-17 16:45 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-12-17 16:38 - 2014-12-17 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-12-17 16:38 - 2014-12-17 16:38 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-12-17 16:37 - 2014-12-17 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-12-17 16:31 - 2014-12-17 16:34 - 08244106 _____ () C:\Users\Thumb\Downloads\ca_setup_4.9.56 (1).exe
2014-12-08 18:01 - 2014-12-08 18:01 - 00000000 ____H () C:\Users\Thumb\Documents\Default.rdp
2014-11-29 09:25 - 2014-11-29 09:36 - 00023725 _____ () C:\Users\Thumb\Desktop\Einkaufsliste.xlsx
2014-11-28 19:10 - 2014-11-28 19:36 - 00000000 ____D () C:\Users\Thumb\Downloads\YT-Musik
2014-11-28 18:18 - 2014-11-28 18:18 - 00050911 _____ () C:\Users\Thumb\Downloads\convert2mp3_chrome_addon-2.3.zip
2014-11-28 18:18 - 2014-06-13 10:28 - 00000000 ____D () C:\Users\Thumb\Downloads\js
2014-11-28 18:18 - 2014-06-13 10:27 - 00000000 ____D () C:\Users\Thumb\Downloads\icons
2014-11-28 18:18 - 2014-06-13 10:27 - 00000000 ____D () C:\Users\Thumb\Downloads\css
2014-11-28 18:18 - 2014-06-13 09:48 - 00001491 ____N () C:\Users\Thumb\Downloads\manifest.json
2014-11-26 17:55 - 2014-12-07 11:34 - 00013302 _____ () C:\Users\Thumb\Desktop\Kontostand.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 19:36 - 2013-10-30 14:44 - 00000000 ____D () C:\Users\Thumb\AppData\Local\Battle.net
2014-12-18 19:22 - 2014-03-05 14:14 - 00028990 _____ () C:\Users\Thumb\Desktop\Abnehmen 2014.xlsx
2014-12-18 19:20 - 2014-02-09 16:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-18 19:18 - 2014-08-25 08:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-18 19:16 - 2014-08-25 08:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-18 18:55 - 2012-06-06 18:38 - 00000000 ____D () C:\Users\Thumb\AppData\Roaming\Skype
2014-12-18 18:46 - 2012-08-07 14:09 - 00000000 ____D () C:\Users\Thumb\AppData\Roaming\TS3Client
2014-12-18 18:40 - 2014-02-10 10:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-18 15:20 - 2014-02-09 16:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-18 15:16 - 2012-06-06 16:52 - 01310245 _____ () C:\Windows\WindowsUpdate.log
2014-12-18 15:03 - 2013-02-07 15:06 - 00000000 ____D () C:\ProgramData\Origin
2014-12-18 15:03 - 2013-02-07 15:06 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-18 15:01 - 2012-06-08 10:34 - 00000000 ____D () C:\Users\Thumb\AppData\Local\Adobe
2014-12-18 14:58 - 2009-07-14 05:45 - 00014752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 14:58 - 2009-07-14 05:45 - 00014752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 14:57 - 2009-07-14 18:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-12-18 14:57 - 2009-07-14 18:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-12-18 14:57 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-18 14:54 - 2014-03-04 11:23 - 00000000 ____D () C:\Users\Thumb\AppData\Local\FreePDF_XP
2014-12-18 14:54 - 2013-12-13 12:27 - 00000000 ___RD () C:\Users\Thumb\SkyDrive
2014-12-18 14:51 - 2013-04-26 18:22 - 00186270 _____ () C:\Windows\setupact.log
2014-12-18 14:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-17 19:02 - 2013-04-26 20:46 - 00228156 _____ () C:\Windows\PFRO.log
2014-12-17 16:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-16 18:29 - 2012-06-06 23:12 - 00000000 ____D () C:\Users\Thumb\AppData\Local\CrashDumps
2014-12-14 18:46 - 2014-11-04 18:42 - 00010490 _____ () C:\Users\Thumb\Desktop\Trainingsplan.xlsx
2014-12-12 16:29 - 2014-10-13 15:08 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-12 16:29 - 2012-06-06 18:38 - 00000000 ____D () C:\ProgramData\Skype
2014-12-10 17:41 - 2014-02-10 10:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 17:41 - 2013-03-12 21:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 17:41 - 2013-03-12 21:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-07 21:08 - 2014-09-28 16:52 - 00000000 ____D () C:\Users\Thumb\AppData\Roaming\Mumble
2014-12-03 16:09 - 2012-06-07 13:00 - 00000000 ____D () C:\Users\Thumb\AppData\Roaming\vlc
2014-11-26 16:32 - 2014-09-25 14:43 - 00009652 _____ () C:\Users\Thumb\Desktop\Schulnoten.xlsx
2014-11-22 17:19 - 2013-05-31 10:48 - 00000000 ____D () C:\Users\Thumb\Documents\BioWare
2014-11-22 17:19 - 2013-05-13 13:55 - 00717739 _____ () C:\Windows\DirectX.log
2014-11-22 17:19 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-21 06:14 - 2014-08-25 08:00 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-08-25 08:00 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2012-11-16 17:52 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Thumb\AppData\Local\Temp\3d1mnffg.dll
C:\Users\Thumb\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Thumb\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Thumb\AppData\Local\Temp\detectionui_r.exe
C:\Users\Thumb\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Thumb\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Thumb\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Thumb\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqikw2s.dll
C:\Users\Thumb\AppData\Local\Temp\java-installer.exe
C:\Users\Thumb\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Thumb\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Thumb\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Thumb\AppData\Local\Temp\local.dll
C:\Users\Thumb\AppData\Local\Temp\paint.net.4.0.3.install.exe
C:\Users\Thumb\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Thumb\AppData\Local\Temp\SRLDetectionLibrary5785742912812132850.dll
C:\Users\Thumb\AppData\Local\Temp\ubiF3AD.tmp.exe
C:\Users\Thumb\AppData\Local\Temp\uninst1.exe
C:\Users\Thumb\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Thumb\AppData\Local\Temp\vlc-2.0.7-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-18 16:33

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by Thumb at 2014-12-18 19:37:50
Running from C:\Users\Thumb\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version:  - Visceral Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version:  - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.18.9 - Electronic Arts)
Dir-It! (HKLM-x32\...\{E3ED49BB-0544-4844-B296-6A0CB28E7BE3}) (Version: 4.02.0000 - Wirth IT Design)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
EASEUS Partition Master 9.1.1 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version:  - EASEUS)
Easy Poster Printer (HKLM-x32\...\{1B5979B5-FE79-405A-A023-592DCE48C522}) (Version: 6.0.0 - GD Software)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version:  - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM-x32\...\Steam App 255320) (Version:  - Daedalic Entertainment)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.4 - Echobit, LLC)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version:  - SQUARE ENIX)
Free YouTube to MP3 Converter version 3.11.30.903 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.30.903 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 (HKLM-x32\...\Steam App 70200) (Version:  - I Sioux Game Productions B.V.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
gs_x64 (HKLM\...\{344BD061-2564-422E-860F-9E5DC49983AE}) (Version: 9.10 - MAY Computer)
Hard Disk Low Level Format Tool 4.12 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version:  - HDDGURU)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{333E22D7-9F56-4482-A13C-1B9D35B9D641}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 7 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417040FF}) (Version: 7.0.400 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000F0}) (Version: 7.0.0 - Oracle)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO Batman 2 (HKLM-x32\...\Steam App 213330) (Version:  - TT Games)
LEGO Batman: The Videogame (HKLM-x32\...\Steam App 21000) (Version:  - Traveller's Tales)
Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version:  - TT Games)
LEGO Harry Potter: Years 5-7 (HKLM-x32\...\Steam App 204120) (Version:  - Traveller's Tales )
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version:  - Traveller's Tales)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Mumble 1.2.8 (HKLM-x32\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - Robot Entertainment)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.1.12.73 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PingGraph 3.0.0.7 (HKLM-x32\...\PingGraph_is1) (Version:  - Infix Technologies)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PROTOTYPE 2 (HKLM-x32\...\Steam App 115320) (Version:  - Radical Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - id Software)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Sniper Elite (HKLM-x32\...\Steam App 3700) (Version:  - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Sniper Elite: Zombie Army (HKLM-x32\...\Steam App 235700) (Version:  - Rebellion)
Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version:  - City Interactive)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spotify (HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\Spotify) (Version: 0.9.1.53.g876fa9df - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{2DF5765E-5386-4540-9383-DBC9A0A596F9}) (Version: 6.0.15.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3299148911-394690415-2075085385-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Book of Unwritten Tales (HKLM-x32\...\Steam App 215160) (Version:  - KING Art)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The LEGO® Movie - Videogame (HKLM-x32\...\Steam App 267530) (Version:  - TT Fusion)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tom Clancy's H.A.W.X. (HKLM-x32\...\Steam App 21900) (Version:  - Ubisoft Bucharest Studio)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-a74ca3d4-ba15-45f7-bbbc-76274de8576b) (Version:  - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3299148911-394690415-2075085385-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thumb\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3299148911-394690415-2075085385-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3299148911-394690415-2075085385-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3299148911-394690415-2075085385-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3299148911-394690415-2075085385-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3299148911-394690415-2075085385-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

18-12-2014 16:40:49 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-09-18 13:21 - 00001810 ____A C:\Windows\system32\Drivers\etc\hosts



==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {040D6448-7FCA-4D9C-83CD-E4EBEC4F5520} - System32\Tasks\{1450F4E1-1A00-475C-B710-DDF8AEA6AC9D} => pcalua.exe -a "C:\Users\Thumb\Desktop\Zombe Mod Installer.exe" -d C:\Users\Thumb\Desktop
Task: {0A270C8C-6A4B-4648-A259-6C5815D1CC53} - System32\Tasks\HP AR Program Upload - 1cb71c1813884a30875470621ad6e60337cf80ca1be44fd78488096d5aaae06b => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {0B563057-89F1-4303-AF6D-6E1D9F9FBFD3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {11AF7D9E-075B-4F50-9A98-2A5E05B734F9} - System32\Tasks\AdobeAAMUpdater-1.0-Thumb-PC-Thumb => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {18E83B49-4F4E-4EB1-A556-15F62F227292} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09] (Google Inc.)
Task: {2F8C9A27-7CCA-4167-A724-71DBADB3738E} - System32\Tasks\{A5954D42-1F92-4C56-91DD-6B3031A4FFF3} => pcalua.exe -a C:\Users\Thumb\Downloads\epson377778eu.exe -d C:\Users\Thumb\Downloads
Task: {4AA498CC-1715-4102-A68B-49B48FF8B3CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09] (Google Inc.)
Task: {7647B677-12CA-4500-8B93-63961BF44405} - System32\Tasks\Software Updater => C:\Program Files (x86)\Freemium\SystemStore\SoftwareUpdater.Bootstrapper.exe <==== ATTENTION
Task: {914DD0F0-02DC-45C5-AA01-45140EABE39C} - System32\Tasks\{C3718C36-84A1-4451-8153-AF6FD4DF77CA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe"
Task: {995CB438-6180-427C-802C-1C39B8EF8EDF} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {A36F5AD8-0EDF-43EC-A0A6-82F749102413} - System32\Tasks\{BFB25616-B3B5-4304-918A-1A6E50468D93} => pcalua.exe -a C:\Users\Thumb\Desktop\ARMA2_OA_Build_95054\ARMA2_OA_Build_95054.exe -d C:\Users\Thumb\Desktop\ARMA2_OA_Build_95054
Task: {AA6341A1-FFF2-4C30-8BFB-2E3A065B3428} - System32\Tasks\{40FAEC60-E2B9-4907-ADA0-4FB92D99C0A4} => pcalua.exe -a C:\Users\Thumb\Desktop\ARMA2_OA_Build_94997.exe -d C:\Users\Thumb\Desktop
Task: {AE69C7A9-D2D1-4A17-A69F-A805020ED966} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {B3190912-B976-463E-A243-851F12ADFB4E} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\Freemium\SystemStore\SoftwareUpdater.Ui.exe <==== ATTENTION
Task: {B3592C8C-8372-4734-973B-4465C4408590} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {C21043AF-EFA8-4A00-A5AD-3966D82CAAF3} - System32\Tasks\{2A0A4745-4B57-4292-8145-9B5DDCA912A8} => D:\Steam\SteamApps\common\Robin Hood\Robin Hood.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-15 12:19 - 2014-10-16 17:54 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-31 20:11 - 2014-10-16 15:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-24 11:18 - 2010-06-17 20:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2013-02-07 20:21 - 2014-06-01 01:38 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-06-06 18:52 - 2012-02-14 02:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-07 01:18 - 2012-05-29 10:47 - 01300376 _____ () D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2012-06-07 01:18 - 2014-12-10 16:22 - 02465272 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe
2014-12-18 14:56 - 2014-12-18 14:56 - 04214776 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe
2013-07-10 11:30 - 2013-07-10 11:30 - 00074752 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe
2014-08-31 00:12 - 2014-08-31 00:12 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-06-06 20:11 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-06 20:13 - 2011-12-16 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-15 12:19 - 2014-10-16 17:54 - 00013120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-11 15:19 - 2012-11-20 15:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll
2014-09-25 16:01 - 2014-09-25 16:01 - 00081056 _____ () C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-08-29 07:55 - 2014-11-11 19:48 - 01171456 _____ () D:\Steam\libavcodec-56.dll
2014-08-29 07:55 - 2014-11-11 19:48 - 00442368 _____ () D:\Steam\libavutil-54.dll
2014-08-29 07:55 - 2014-11-11 19:48 - 00332800 _____ () D:\Steam\libavresample-2.dll
2013-07-01 07:20 - 2014-11-11 19:47 - 00774656 _____ () D:\Steam\SDL2.dll
2014-05-21 19:42 - 2014-11-18 21:23 - 02227904 _____ () D:\Steam\video.dll
2014-08-29 07:55 - 2014-11-11 19:48 - 00403968 _____ () D:\Steam\libavformat-56.dll
2014-08-29 07:55 - 2014-11-11 19:48 - 00485888 _____ () D:\Steam\libswscale-3.dll
2013-07-09 16:56 - 2014-11-18 21:23 - 00690880 _____ () D:\Steam\bin\chromehtml.DLL
2014-09-25 16:01 - 2014-09-25 16:01 - 00081056 _____ () C:\Users\Thumb\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-12-12 22:23 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 22:23 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 22:23 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 22:23 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 26065408 _____ () D:\Battle.net\Battle.net.5383\libcef.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00739840 _____ () D:\Battle.net\Battle.net.5383\libGLESv2.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00907776 _____ () D:\Battle.net\Battle.net.5383\platforms\qwindows.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00130048 _____ () D:\Battle.net\Battle.net.5383\libEGL.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00020992 _____ () D:\Battle.net\Battle.net.5383\imageformats\qgif.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00021504 _____ () D:\Battle.net\Battle.net.5383\imageformats\qico.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00205312 _____ () D:\Battle.net\Battle.net.5383\imageformats\qjpeg.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00225792 _____ () D:\Battle.net\Battle.net.5383\imageformats\qmng.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00015872 _____ () D:\Battle.net\Battle.net.5383\imageformats\qsvg.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00312832 _____ () D:\Battle.net\Battle.net.5383\imageformats\qtiff.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00010240 _____ () D:\Battle.net\Battle.net.5383\qml\QtQuick.2\qtquick2plugin.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00054272 _____ () D:\Battle.net\Battle.net.5383\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2014-12-14 11:26 - 2014-12-14 11:26 - 00010240 _____ () D:\Battle.net\Battle.net.5383\qml\QtQml\Models.2\modelsplugin.dll
2014-12-10 17:41 - 2014-12-10 17:41 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
2013-07-09 12:45 - 2014-11-11 19:48 - 34589888 _____ () D:\Steam\bin\libcef.dll
2014-08-14 20:25 - 2014-11-11 19:48 - 00837824 _____ () D:\Steam\bin\ffmpegsumo.dll
2014-12-18 14:56 - 2014-12-18 14:56 - 01628152 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\RiotLauncher.dll
2013-07-10 11:30 - 2013-07-10 11:30 - 04774248 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2013-07-10 11:30 - 2013-07-10 11:30 - 16032616 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2014-12-12 22:23 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-01-29 11:47 - 2014-12-18 15:03 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3299148911-394690415-2075085385-500 - Administrator - Disabled)
Gast (S-1-5-21-3299148911-394690415-2075085385-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3299148911-394690415-2075085385-1005 - Limited - Enabled)
Thumb (S-1-5-21-3299148911-394690415-2075085385-1000 - Administrator - Enabled) => C:\Users\Thumb

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 1.3M HD WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/16/2014 06:29:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0x5359dc05
Name des fehlerhaften Moduls: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0x5359dc05
Ausnahmecode: 0x40000015
Fehleroffset: 0x004341f8
ID des fehlerhaften Prozesses: 0x1ccc
Startzeit der fehlerhaften Anwendung: 0xstarbound.exe0
Pfad der fehlerhaften Anwendung: starbound.exe1
Pfad des fehlerhaften Moduls: starbound.exe2
Berichtskennung: starbound.exe3

Error: (12/14/2014 09:25:52 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/14/2014 09:25:52 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/14/2014 09:25:52 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (12/09/2014 04:11:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/09/2014 04:11:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/09/2014 04:11:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (12/07/2014 09:20:46 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/07/2014 09:20:46 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/07/2014 09:20:46 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


System errors:
=============
Error: (12/18/2014 02:52:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/18/2014 02:52:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (12/17/2014 07:03:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/17/2014 07:03:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (12/17/2014 02:52:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/17/2014 02:52:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (12/16/2014 07:28:20 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/16/2014 02:50:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/16/2014 02:50:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (12/15/2014 03:14:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-08-29 01:22:05.891
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-29 01:22:05.890
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-29 01:22:05.889
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-29 01:22:05.886
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-29 01:22:05.885
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-29 01:22:05.884
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-28 02:20:40.267
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-28 02:20:40.266
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-28 02:20:40.265
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-28 02:20:40.262
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 51%
Total physical RAM: 8030.36 MB
Available physical RAM: 3871.77 MB
Total Pagefile: 15625.13 MB
Available Pagefile: 10489.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:7.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:698.63 GB) (Free:125.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 98B9F5A5)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: F8D1D155)
Partition 1: (Active) - (Size=59.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
__________________
Geändert von MrOxpar (18.12.2014 um 19:49 Uhr)

Alt 18.12.2014, 21:41   #4
schrauber
/// the machine
/// TB-Ausbilder
 
fremder Zugriff auf AOL-Mail - Standard

fremder Zugriff auf AOL-Mail


Die Files von deinem Laptop bringen nix. Die Konten werden idR online gehackt. Also PW ändern und gut is.

Das ne Sekunde später wieder Mails kommen können auch noch Rückläufer sein.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.12.2014, 21:48   #5
MrOxpar
 
fremder Zugriff auf AOL-Mail - Standard

fremder Zugriff auf AOL-Mail


Okay ich werde dann die Files posten sobald ich an den Rechner komme. Rückläufer hab ich eigentlich ausgeschlossen da alles um 14:30 an deutsche Adressen aus dem Adressbuch war und alles später an polnische Firmen. Wäre es nicht komisch wenn genau danach der Cut im Versenden kommt? Außerdem waren ja 4 Stunden Sendepause dazwischen, das ist doch etwas lange?


Alt 19.12.2014, 19:50   #6
schrauber
/// the machine
/// TB-Ausbilder
 
fremder Zugriff auf AOL-Mail - Standard

fremder Zugriff auf AOL-Mail


joah, schon. Aber wie gesagt: Ohne Logs sag ich mal die Standardaussage. In einem von 1000000000 Fälle ist Malware auf dem Rechner, wenn Emailkonten gehackt werden
__________________
--> fremder Zugriff auf AOL-Mail

Antwort

Themen zu fremder Zugriff auf AOL-Mail
adresse, anderen, anhang, entfernt, fehlercode 0x40000015, fehlercode 22, fehlercode 28, fehlercode windows, gesperrt, geändert, kaspersky, laptop, nichts, ordner, passwort, problem, sekunden, starten, this device is disabled. (code 22), verschickt, virenscan, zugriff, ändern, änderung


« Windows 7 - Desktop ist Schwarz und nur der "Arbeitsplatz" ist geöffnet | Pups-c von Spybot gefunden, lässt sich nicht entfernen »


Ähnliche Themen: fremder Zugriff auf AOL-Mail


  1. Fremder Computer im Netzwerk angezeigt
    Plagegeister aller Art und deren Bekämpfung - 26.11.2014 (7)
  2. Fremder übernahm die Kontrolle
    Log-Analyse und Auswertung - 23.10.2014 (6)
  3. Anhang von Phishing-Mail geöffnet - jetzt unauthorisierter Zugriff auf Email-Konto
    Log-Analyse und Auswertung - 17.08.2014 (8)
  4. fremder Ordner auf dem Desktop!
    Log-Analyse und Auswertung - 27.05.2014 (11)
  5. Fremder Prozess Update Whilokki
    Plagegeister aller Art und deren Bekämpfung - 28.09.2013 (1)
  6. Fremder Zugriff auf meinen Kalender
    Alles rund um Windows - 16.09.2013 (0)
  7. BlackBerry lässt sich Zugriff auf Mail-Passwort per AGB absegnen
    Nachrichten - 19.07.2013 (0)
  8. Fremder hat sich in Account eingeloggt - Trojaner?
    Log-Analyse und Auswertung - 21.06.2013 (3)
  9. PC langsam, viel fremder Donwload, komische Effekte
    Log-Analyse und Auswertung - 17.06.2013 (23)
  10. Trojaner durch E-Mail eingefangen - Zugriff auf Rechner nicht mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 23.05.2012 (5)
  11. gleiche IP-Adresse im Netzwek und fremder facebook-Login
    Plagegeister aller Art und deren Bekämpfung - 06.01.2012 (46)
  12. Fremder Zugriff auf meinen YAHOO MailAccount
    Plagegeister aller Art und deren Bekämpfung - 06.12.2011 (1)
  13. fremder zugriff auf mein MSN
    Plagegeister aller Art und deren Bekämpfung - 30.11.2011 (35)
  14. TR/Crypt.XPACK.Gen3 gefunden und fremder Zugriff auf Passwörter
    Plagegeister aller Art und deren Bekämpfung - 12.10.2010 (3)
  15. Schon wieder fremder Server im Highjack this log
    Log-Analyse und Auswertung - 09.11.2008 (4)
  16. Backdoor oder Trojaner? Fremder auf dem PC.
    Log-Analyse und Auswertung - 30.10.2008 (9)
  17. fremder Zugriff unter Win Me
    Alles rund um Windows - 03.10.2006 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema fremder Zugriff auf AOL-Mail - Hallo, vom AOL-Account meines Vaters wurden heute Nachmittag Mails mit Anhang versendet, die Mails von heute Nachmittag gingen an sein komplettes Adressbuch. Er hat mich vor ca einer halben Stunde - fremder Zugriff auf AOL-Mail...
Archiv
Du betrachtest: fremder Zugriff auf AOL-Mail auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131