Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: loop.exe in Temp

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 25.07.2015, 21:03   #1
Audiofreak
 
loop.exe in Temp - Standard

loop.exe in Temp



Hallo,

ich habe nach einem Malwarebytes Scan den loop.exe (vermutl. Trojaner?) in Temp gefunden. Mir ist ansonsten nichts Besonderes wie auffällige Prozesse o.ä. aufgefallen. Würde trotzdem gerne wissen, ob da mehr hinter ist. Habe FRST und defogger Logs angehängt, der GMER läuft bei mir nicht.

Windows 8.1 x64

EDIT: Entschuldigung, habe nun alles hier im Thread.

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:44 on 25/07/2015 (Icke)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015
durchgeführt von Icke (Administrator) auf ARSCHMADE (25-07-2015 20:54:33)
Gestartet von C:\Users\Icke\Desktop
Geladene Profile: Icke (Verfügbare Profile: Icke)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CM&V Hackbart) C:\Program Files (x86)\DVBViewer\dvbviewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Dropbox, Inc.) C:\Users\Icke\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-04-07] (Realtek Semiconductor)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3992208 2014-10-03] (Stardock Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\Run: [Spotify Web Helper] => C:\Users\Icke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-01] (Spotify Ltd)
HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\Run: [Dropbox Update] => C:\Users\Icke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
Startup: C:\Users\Icke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Icke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-04-12]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-2313329166-767069491-2639199306-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\Programme\OldNewExplorer\OldNewExplorer64.dll [2014-07-20] (www.startisback.com)
BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\Programme\OldNewExplorer\OldNewExplorer32.dll [2014-07-20] (www.startisback.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{38807A27-F575-45CD-A828-9CC15106F95C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A5FA8171-F562-4162-B2F1-577F5217610B}: [DhcpNameServer] 192.168.8.1

FireFox:
========
FF ProfilePath: C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default
FF Homepage: about:superstart
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-22] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Extension: Super Start - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\superstart@enjoyfreeware.org [2015-05-29]
FF Extension: YouTube Unblocker - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\youtubeunblocker@unblocker.yt [2015-06-05]
FF Extension: FT DeepDark - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-07-22]
FF Extension: Video Downloader Professional - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\ffext_basicvideoext@startpage24.xpi [2014-10-08]
FF Extension: Ghostery - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\firefox@ghostery.com.xpi [2015-04-21]
FF Extension: Mercury Connect - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\jid1-pFvSABavHgXrRQ@jetpack.xpi [2014-10-08]
FF Extension: Searchonymous - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\jid1-WF1v8esuNM9pRg@jetpack.xpi [2014-10-08]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\vdpure@link64.xpi [2014-10-08]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-10-08]
FF Extension: Adblock Plus - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-08]
FF Extension: BetterPrivacy - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-10-08]
FF Extension: QuickJava - C:\Users\Icke\AppData\Roaming\Mozilla\Firefox\Profiles\8lsbj21b.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-10-08]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 mlkumidi; C:\Windows\system32\drivers\mlkumidi.sys [55856 2014-08-30] (MusicLab, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 OXYGEN; C:\Windows\system32\DRIVERS\MAudioOxygen.sys [134664 2010-03-04] (M-Audio)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [4560640 2015-07-22] (Realtek Semiconductor Corporation                           )
R3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [226640 2014-03-17] (Focusrite A.E.)
R3 SaffireAudio; C:\Windows\system32\drivers\SaffireAudio.sys [47824 2014-03-17] (Focusrite A.E.)
R3 SaffireMidi; C:\Windows\system32\drivers\SaffireMidi.sys [38608 2014-03-17] (Focusrite A.E.)
R3 teVirtualMIDI64; C:\Windows\system32\DRIVERS\teVirtualMIDI64.sys [39352 2013-10-14] (Tobias Erichsen)
R3 UDST7000BDA; C:\Windows\System32\Drivers\UDST7000BDA.sys [527632 2009-07-15] (TechniSat Digital S.A.)
R3 UDST7000HID; C:\Windows\system32\drivers\UDST7000HID.sys [27664 2009-07-15] (TechniSat Digital S.A.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-25 20:45 - 2015-07-25 20:54 - 00013977 _____ C:\Users\Icke\Desktop\FRST.txt
2015-07-25 20:44 - 2015-07-25 20:44 - 00000470 _____ C:\Users\Icke\Desktop\defogger_disable.log
2015-07-25 20:44 - 2015-07-25 20:44 - 00000000 _____ C:\Users\Icke\defogger_reenable
2015-07-25 20:42 - 2015-07-25 20:40 - 00380416 _____ C:\Users\Icke\Desktop\Gmer-19357.exe
2015-07-25 20:42 - 2015-07-25 20:39 - 00050477 _____ C:\Users\Icke\Desktop\Defogger.exe
2015-07-25 20:42 - 2015-07-25 20:31 - 02146816 _____ (Farbar) C:\Users\Icke\Desktop\FRST64.exe
2015-07-25 20:31 - 2015-07-25 20:54 - 00000000 ____D C:\FRST
2015-07-25 20:25 - 2015-07-25 20:26 - 00000000 ____D C:\AdwCleaner
2015-07-25 20:07 - 2015-07-25 20:08 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-25 20:07 - 2015-07-25 20:07 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-25 20:07 - 2015-07-25 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-25 20:07 - 2015-07-25 20:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-25 20:07 - 2015-07-25 20:07 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-25 20:07 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-25 20:07 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-25 20:07 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-25 16:36 - 2015-07-25 16:36 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-07-24 13:48 - 2015-07-24 13:48 - 00002339 _____ C:\Users\Public\Desktop\Intel Processor Diagnostic Tool 64bit.lnk
2015-07-24 13:48 - 2015-07-24 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-07-24 13:48 - 2015-07-24 13:48 - 00000000 ____D C:\Program Files\Intel Corporation
2015-07-24 11:23 - 2015-07-24 11:23 - 00309016 _____ C:\Windows\Minidump\072415-13250-01.dmp
2015-07-23 20:17 - 2015-07-23 20:17 - 00001049 _____ C:\Users\Icke\Desktop\prime95.exe - Verknüpfung.lnk
2015-07-23 17:44 - 2015-07-23 17:44 - 00000000 ____D C:\Users\Icke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-23 17:22 - 2015-07-23 17:22 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-23 17:14 - 2015-07-24 11:23 - 464780540 _____ C:\Windows\MEMORY.DMP
2015-07-23 17:14 - 2015-07-24 11:23 - 00000000 ____D C:\Windows\Minidump
2015-07-23 17:14 - 2015-07-23 17:14 - 00321336 _____ C:\Windows\Minidump\072315-5500-01.dmp
2015-07-23 16:43 - 2015-07-23 16:44 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-07-23 16:43 - 2015-07-23 16:43 - 00001030 _____ C:\Users\Icke\Desktop\SpeedFan.lnk
2015-07-23 16:43 - 2015-07-23 16:43 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2015-07-23 16:43 - 2015-07-23 16:43 - 00000000 ____D C:\Users\Icke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-07-23 16:23 - 2015-07-23 16:23 - 00002021 _____ C:\Users\Icke\Desktop\Crysis 3.lnk
2015-07-23 16:23 - 2015-07-23 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2015-07-23 16:14 - 2015-07-23 17:22 - 00000000 ____D C:\Program Files (x86)\Crysis 3
2015-07-22 14:34 - 2015-07-22 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-22 13:28 - 2015-07-22 13:28 - 00720896 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe
2015-07-22 13:28 - 2015-07-22 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prosoniq OrangeVocoder VST 2.02
2015-07-22 13:22 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-22 13:22 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-22 13:21 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-22 13:21 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-22 13:21 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-22 13:21 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-22 13:21 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-22 13:21 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-22 13:21 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-22 13:21 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-22 13:21 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-22 13:21 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-22 13:21 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-22 13:21 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-22 13:21 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-22 13:21 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-22 13:21 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-22 13:21 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-22 13:21 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-22 13:21 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-22 13:21 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-22 13:20 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-22 13:20 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-22 13:20 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-22 13:20 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-22 13:20 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-22 13:20 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-22 13:20 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-22 13:20 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-22 13:20 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-22 13:20 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-22 13:20 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-22 13:20 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-22 13:20 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-22 13:20 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-22 13:20 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-22 13:20 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-22 13:20 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-22 13:20 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-22 13:20 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-22 13:20 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-22 13:20 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-22 13:20 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-22 13:20 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-22 13:20 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-22 13:20 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-22 13:20 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-22 13:20 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-22 13:20 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-22 13:20 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-22 13:20 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-22 13:20 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-22 13:20 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-22 13:20 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-22 13:20 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-22 13:20 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-22 13:19 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-22 13:19 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-22 13:19 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-22 13:19 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-22 13:19 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-22 13:19 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-22 13:19 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-22 13:19 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-22 13:19 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-22 13:19 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-22 13:19 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-22 13:19 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-22 13:19 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-22 13:19 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-22 13:19 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-22 13:19 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-22 13:19 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-22 13:19 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-22 13:19 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-22 13:19 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-22 13:19 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-22 13:19 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-22 13:19 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-22 13:19 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-22 13:19 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-22 13:19 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-22 13:19 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-22 13:19 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-22 13:19 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-22 13:19 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-22 13:19 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-22 13:19 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-22 13:19 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-22 13:19 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-22 13:19 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-22 13:19 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-22 13:19 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-22 13:19 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-22 13:19 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-22 13:15 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 13:15 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-22 13:15 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 13:15 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 13:15 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-22 13:15 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-22 13:15 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-22 13:15 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-22 13:12 - 2015-07-22 13:12 - 00000957 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-07-22 13:12 - 2015-07-22 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-07-22 13:12 - 2015-07-22 13:12 - 00000000 ____D C:\Program Files\CPUID
2015-07-22 13:11 - 2015-07-22 13:11 - 00000000 __SHD C:\Recovery
2015-07-22 09:34 - 2015-07-22 09:34 - 04560640 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-25 20:53 - 2014-03-18 12:03 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-25 20:53 - 2014-03-18 11:25 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-07-25 20:53 - 2014-03-18 11:25 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-07-25 20:52 - 2014-10-08 17:31 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2313329166-767069491-2639199306-1001
2015-07-25 20:51 - 2015-04-11 00:01 - 00000000 ____D C:\Users\Icke\AppData\Roaming\Dropbox
2015-07-25 20:49 - 2015-06-19 00:29 - 00000000 ___RD C:\Users\Icke\OneDrive
2015-07-25 20:49 - 2014-10-08 17:35 - 00006462 _____ C:\Windows\SysWOW64\Gms.log
2015-07-25 20:48 - 2014-10-08 17:26 - 01322961 _____ C:\Windows\WindowsUpdate.log
2015-07-25 20:47 - 2015-06-21 23:46 - 00002629 _____ C:\Windows\mlkumidi.log
2015-07-25 20:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-07-25 20:47 - 2013-08-22 16:46 - 00064318 _____ C:\Windows\setupact.log
2015-07-25 20:47 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 20:44 - 2014-10-08 17:26 - 00000000 ____D C:\Users\Icke
2015-07-25 20:26 - 2014-03-18 03:50 - 00020112 _____ C:\Windows\PFRO.log
2015-07-25 20:26 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-25 20:20 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-07-25 20:17 - 2015-06-17 21:57 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001UA.job
2015-07-25 20:13 - 2015-04-10 14:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-25 19:19 - 2015-04-14 20:39 - 00000000 ____D C:\Users\Icke\AppData\Roaming\vlc
2015-07-25 13:17 - 2015-06-17 21:57 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001Core.job
2015-07-25 11:59 - 2015-04-10 14:31 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 17:51 - 2014-10-08 18:05 - 00000000 ____D C:\Users\Icke\AppData\Roaming\foobar2000
2015-07-23 22:51 - 2015-05-03 01:14 - 00000032 _____ C:\Windows\system32\w3data.vss
2015-07-23 22:51 - 2015-05-03 01:14 - 00000032 _____ C:\Windows\system32\msvcsv60.dll
2015-07-23 22:51 - 2015-05-03 01:14 - 00000032 _____ C:\Windows\msocreg32.dat
2015-07-23 22:51 - 2014-10-08 20:56 - 00000000 ____D C:\ProgramData\ValhallaRoom
2015-07-23 22:51 - 2014-10-08 20:07 - 00000032 _____ C:\Users\Icke\AppData\Roaming\msregsvv.dll
2015-07-23 22:51 - 2014-10-08 20:07 - 00000032 _____ C:\ProgramData\autobk.inc
2015-07-23 22:51 - 2014-10-08 19:12 - 00000000 ____D C:\Users\Icke\AppData\Local\Spectrasonics
2015-07-23 16:23 - 2015-04-16 20:21 - 00045074 _____ C:\Windows\DirectX.log
2015-07-22 20:25 - 2015-04-10 23:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-22 13:43 - 2013-08-22 16:44 - 00338104 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-22 13:36 - 2014-10-08 18:10 - 00000000 ____D C:\Users\Icke\AppData\Roaming\Ableton
2015-07-22 13:36 - 2014-10-08 18:10 - 00000000 ____D C:\AUDIO
2015-07-22 13:26 - 2015-04-10 15:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-22 13:26 - 2015-04-10 15:03 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-22 13:26 - 2014-10-08 18:26 - 00000000 ____D C:\Windows\system32\MRT
2015-07-22 13:26 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-22 13:24 - 2015-04-10 14:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-22 13:19 - 2015-04-14 12:35 - 00000000 ____D C:\ProgramData\Freemake
2015-07-22 13:19 - 2015-04-14 12:35 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-07-22 13:13 - 2015-04-10 14:35 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-22 13:12 - 2015-06-17 21:57 - 00004184 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001UA
2015-07-22 13:12 - 2015-06-17 21:57 - 00003804 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001Core
2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 12:08 - 2014-10-08 18:12 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2014-10-08 18:26 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-08 20:07 - 2015-07-23 22:51 - 0000032 _____ () C:\Users\Icke\AppData\Roaming\msregsvv.dll
2015-04-10 19:59 - 2015-06-21 20:22 - 0001456 _____ () C:\Users\Icke\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-10-08 20:07 - 2015-07-23 22:51 - 0000032 _____ () C:\ProgramData\autobk.inc
2015-04-10 14:18 - 2015-04-10 14:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Icke\AppData\Local\Temp\Ableton Swapper.exe
C:\Users\Icke\AppData\Local\Temp\Bass.dll
C:\Users\Icke\AppData\Local\Temp\Bass.Net.dll
C:\Users\Icke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk_3hds.dll
C:\Users\Icke\AppData\Local\Temp\DSETUP.dll
C:\Users\Icke\AppData\Local\Temp\dsetup32.dll
C:\Users\Icke\AppData\Local\Temp\DXSETUP.exe
C:\Users\Icke\AppData\Local\Temp\FreemakeVideoDownloaderFull.exe
C:\Users\Icke\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Icke\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Icke\AppData\Local\Temp\nvStInst.exe
C:\Users\Icke\AppData\Local\Temp\PlaySound.dll
C:\Users\Icke\AppData\Local\Temp\Quarantine.exe
C:\Users\Icke\AppData\Local\Temp\R2RTOOL.dll
C:\Users\Icke\AppData\Local\Temp\Second_Life_3_7_27_300636_i686_Setup.exe
C:\Users\Icke\AppData\Local\Temp\setup.exe
C:\Users\Icke\AppData\Local\Temp\setup64.exe
C:\Users\Icke\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Icke\AppData\Local\Temp\sfextra.dll
C:\Users\Icke\AppData\Local\Temp\Skin.dll
C:\Users\Icke\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Icke\AppData\Local\Temp\Social%20Club%20v1.1.6.0%20Setup.exe
C:\Users\Icke\AppData\Local\Temp\sqlite3.dll
C:\Users\Icke\AppData\Local\Temp\Uninstall.exe
C:\Users\Icke\AppData\Local\Temp\{6FA02C85-15EA-4F02-AF6E-ABD2B2F01B8B}-DropboxClient_3.6.9.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-22 13:35

==================== Ende von log ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-07-2015
durchgeführt von Icke an 2015-07-25 20:54:47
Gestartet von C:\Users\Icke\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2313329166-767069491-2639199306-500 - Administrator - Disabled)
Gast (S-1-5-21-2313329166-767069491-2639199306-501 - Limited - Disabled)
Icke (S-1-5-21-2313329166-767069491-2639199306-1001 - Administrator - Enabled) => C:\Users\Icke

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

+10db Compressor version 1.0.4 (HKLM\...\+10db Compressor_is1) (Version: 1.0.4 - Boz Digital Labs)
+10db Equaliser version 1.0.4 (HKLM\...\+10db Equaliser_is1) (Version: 1.0.4 - Boz Digital Labs)
+10db version 1.0.4 (HKLM\...\+10db_is1) (Version: 1.0.4 - Boz Digital Labs)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABL 2.9.1 (HKLM-x32\...\AudioRealism Bass Line 2_is1) (Version:  - AudioRealism)
Ableton Live 9 Suite (HKLM\...\{11DF5764-52FF-4149-8B65-FB4D721975C9}) (Version: 9.0.0.0 - Ableton)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
BigKick version 1.5.2 (HKLM\...\BigKick_is1) (Version: 1.5.2 - )
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cableguys VolumeShaper 4.0 (HKLM\...\VolumeShaper_is1) (Version: 4.0 - Cableguys)
Camel Audio CamelCrusher (HKLM-x32\...\Camel Audio CamelCrusher) (Version: 1.01.0 - Camel Audio)
Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio)
Cataract version 1.0 (HKLM-x32\...\{6853D390-3682-11E4-8510-0800200C9A66}_is1) (Version: 1.0 - Glitchmachines)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crysis 3 V1.3.0.0(CREATED BY XEONKING©) (HKLM-x32\...\Crysis 3_is1) (Version: 1.3.0.0 - )
Decimort 1.4.0 (32bit) (HKLM-x32\...\{DBA88E1F-1662-4615-8E00-82A8593BF374}) (Version: 1.4.0.0 - D16 Group Audio Software)
Decimort 1.4.0 (64bit) (HKLM\...\{F0A0EB8E-D410-4CFC-A238-B95373198BCD}) (Version: 1.4.0.0 - D16 Group Audio Software)
Devastor 1.4.0 (32bit) (HKLM-x32\...\{C8B66E95-70FC-4C02-B653-2B38BE779174}) (Version: 1.4.0.0 - D16 Group Audio Software)
Devastor 1.4.0 (64bit) (HKLM\...\{04B26700-1160-43CE-A42F-85D875A51625}) (Version: 1.4.0.0 - D16 Group Audio Software)
DMGAudio Dualism 1.01 (HKLM-x32\...\DMGAudio Dualism_is1) (Version:  - DMGAudio)
Dropbox (HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
Drumazon 1.6.2 (32bit) (HKLM-x32\...\{0C882D0C-DFD6-4BF6-805E-1C99E64BB6D6}) (Version: 1.6.2.0 - D16 Group Audio Software)
Drumazon 1.6.2 (64bit) (HKLM\...\{EECB9618-605A-4BC6-9D54-1ECD2D5360A4}) (Version: 1.6.2.0 - D16 Group Audio Software)
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.3.2 - CM&V)
FabFilter Total Bundle (64-bit) (HKLM-x32\...\FabFilter Total Bundle (64-bit)) (Version:  - )
Fazortan 1.4.0 (32bit) (HKLM-x32\...\{A740B712-3BA9-4438-AE19-3E92A46919EB}) (Version: 1.4.0.0 - D16 Group Audio Software)
Fazortan 1.4.0 (64bit) (HKLM\...\{C2627533-4EC7-4D86-B4AF-DE588F4515FE}) (Version: 1.4.0.0 - D16 Group Audio Software)
Firestorm SecondLife and OpenSim viewer (Version: 4.6.42974 - Phoenix Viewer Project) Hidden
Firestorm-Releasex64 x64 (HKLM-x32\...\{4e154806-de7a-4300-b61e-bc0c3a4c5b43}) (Version: 4.6.42974 - Phoenix Firestorm Project Inc)
foobar2000 v1.3.3 (HKLM-x32\...\foobar2000) (Version: 1.3.3 - Peter Pawlowski)
FXpansion Maul (HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\FXpansion Maul) (Version: 1.0.1.1 - FXpansion Audio UK Ltd)
Imperial Delay version 1.0.3 (HKLM\...\Imperial Delay_is1) (Version: 1.0.3 - )
Intel Processor Diagnostic Tool 64bit (HKLM\...\{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}) (Version: 2.20.0.0 - Intel Corporation)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
iZotope Alloy 2 (HKLM-x32\...\iZotope Alloy 2_is1) (Version: 2.03 - iZotope, Inc.)
iZotope Nectar 2 Production Suite (HKLM-x32\...\iZotope Nectar 2 Production Suite_is1) (Version: 2.02 - iZotope, Inc.)
iZotope Ozone 5 Advanced (HKLM-x32\...\iZotope Ozone 5 Advanced_is1) (Version: 5.05 - iZotope, Inc.)
iZotope Ozone 6 Advanced (HKLM-x32\...\iZotope Ozone 6 Advanced_is1) (Version: 6.1 - iZotope, Inc.)
iZotope RX 4 (HKLM-x32\...\iZotope RX 4_is1) (Version: 4.00 - iZotope, Inc.)
iZotope Trash 2 (HKLM-x32\...\iZotope Trash 2_is1) (Version: 2.03 - iZotope, Inc.)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
Little Foot version 1.1.4 (HKLM\...\Little Foot_is1) (Version: 1.1.4 - )
LuSH-101 1.1.3 (32bit) (HKLM-x32\...\{B878746A-391A-486E-AC70-7114543BA417}) (Version: 1.1.3.0 - D16 Group Audio Software)
LuSH-101 1.1.3 (64bit) (HKLM\...\{38666E88-8DD7-4223-8DCF-1EB25D53A48B}) (Version: 1.1.3.0 - D16 Group Audio Software)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
M-Audio Oxygen Driver 1.3.0 (x64) (HKLM\...\{B52D5EDB-1945-4889-8F25-DEA1F9CD876A}) (Version: 1.3.0 - M-Audio)
Max 6.1.9 (HKLM\...\{B3CF8FDF-05D0-42A7-B5E0-4E816C7B100F}) (Version: 136.1.9 - Cycling '74)
Max 6.1.9 (x64) (HKLM\...\{EAB0C3CD-60A0-48C3-A67F-E0AF38D75978}) (Version: 136.1.9 - Cycling '74)
MeldaProduction Audio Plugins 9 (HKLM-x32\...\MeldaProduction Audio Plugins 9) (Version:  - MeldaProduction)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MIKSOFT Mobile Media Converter (HKLM-x32\...\Mobile Media Converter_is1) (Version:  - MIKSOFT)
Mongoose version 1.1.0 (HKLM\...\Mongoose_is1) (Version: 1.1.0 - )
Mono Bass Windows version 1.0.1 (HKLM\...\Mono Bass Windows_is1) (Version: 1.0.1 - )
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MusicLab RealEight (32-bit) (x32 Version: 1.0.0.7183 - MusicLab, Inc.) Hidden
MusicLab RealEight (64-bit) (Version: 1.0.0.7183 - MusicLab, Inc.) Hidden
MusicLab RealEight (HKLM-x32\...\{550309f3-2bc9-43a7-8091-faaf92edb69f}) (Version: 1.0.0.7183 - MusicLab, Inc.)
MusicLab RealEight Sound Bank (x32 Version: 1.0.0.7183 - MusicLab, Inc.) Hidden
MusicLab RealGuitar (32-bit) (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealGuitar (64-bit) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealGuitar (HKLM-x32\...\{8acd5fa1-4229-4d1c-8128-69dd335c205c}) (Version: 3.1.0.7127 - MusicLab, Inc.)
MusicLab RealGuitar Sound Bank (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealLPC (32-bit) (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealLPC (64-bit) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealLPC (HKLM-x32\...\{d7b0c209-45e8-465c-ace9-d3054191fdaf}) (Version: 3.1.0.7127 - MusicLab, Inc.)
MusicLab RealLPC Sound Bank (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (32-bit) (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (64-bit) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (HKLM-x32\...\{87d50511-cb30-4e5d-99b4-763b91649a0b}) (Version: 3.1.0.7127 - MusicLab, Inc.)
MusicLab RealStrat Sound Bank (x32 Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab Virtual Midi Driver (64-bit) (HKLM\...\{2B019162-86C7-4D14-AED0-2CB5110BA4FF}) (Version: 2.0.2.0 - MusicLab, Inc.)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.4.126 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.1.0.394 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.0.1498 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.5.0.409 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.0.533 - Native Instruments)
Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Polyplex (HKLM-x32\...\Native Instruments Polyplex) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.7.0.1 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.1 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.1.713 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Supercharger GT (HKLM-x32\...\Native Instruments Supercharger GT) (Version: 1.1.2.446 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.1.427 - Native Instruments)
Nepheton 1.6.2 (32bit) (HKLM-x32\...\{51626463-4561-48B0-A2EE-BB91F0669048}) (Version: 1.6.2.0 - D16 Group Audio Software)
Nepheton 1.6.2 (64bit) (HKLM\...\{207DAD3E-856E-4892-BEFA-87FB040E20FB}) (Version: 1.6.2.0 - D16 Group Audio Software)
Nicky Romero Kickstart 1.0.9 (HKLM\...\Kickstart_is1) (Version: 1.0.9 - Nicky Romero)
Nithonat 1.6.2 (32bit) (HKLM-x32\...\{9062593F-CC81-4612-BA83-3C70514CA748}) (Version: 1.6.2.0 - D16 Group Audio Software)
Nithonat 1.6.2 (64bit) (HKLM\...\{184D9BA5-2F8B-48EC-AA51-153685793E14}) (Version: 1.6.2.0 - D16 Group Audio Software)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
OrangeVocoder VST 2.02 (HKLM-x32\...\OrangeVocoder_VST_2.02) (Version:  - )
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
Panther version 1.1.4 (HKLM\...\Panther_is1) (Version: 1.1.4 - )
Phoscyon 1.9.0 (32bit) (HKLM-x32\...\{00C950EE-9D99-408E-91A8-7270A3E64CC6}) (Version: 1.9.0.0 - D16 Group Audio Software)
Phoscyon 1.9.0 (64bit) (HKLM\...\{128D2BFF-2122-4D0E-AC87-3EDDEC30358B}) (Version: 1.9.0.0 - D16 Group Audio Software)
Polygon version 1.0 (HKLM-x32\...\{0BF82F4F-37CC-4A00-A20E-B24AA8D90160}_is1) (Version: 1.0 - Glitchmachines)
PSP MasterComp (HKLM-x32\...\PSP MasterComp) (Version: 1.8.0 - PSPaudioware.com)
PSP StereoPack (HKLM-x32\...\PSP StereoPack) (Version: 1.9.9 - PSPaudioware.com)
PSP VintageWarmer2 (HKLM-x32\...\PSP VintageWarmer2) (Version: 2.5.2 - PSPaudioware.com)
PSP Xenon (HKLM-x32\...\PSP Xenon) (Version: 1.5.0 - PSPaudioware.com)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7482 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Redoptor 1.4.0 (32bit) (HKLM-x32\...\{2D81AD06-DEA0-4EA6-9EA9-173196221EC4}) (Version: 1.4.0.0 - D16 Group Audio Software)
Redoptor 1.4.0 (64bit) (HKLM\...\{6F537CC2-B20E-4EA3-9D08-9043F724A4BE}) (Version: 1.4.0.0 - D16 Group Audio Software)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Saffire MixControl 3.4 (HKLM\...\Saffire PRO 40_is1) (Version: 3.4 - Focusrite Audio Engineering Ltd.)
SampleTank 3 version 3.5.1 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.5.1 - IK Multimedia)
Sasquatch version 1.2.0 (HKLM\...\Sasquatch_is1) (Version: 1.2.0 - )
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Sigmund 1.1.2 (32bit) (HKLM-x32\...\{A46DF488-2287-404D-B164-DEE16A644542}) (Version: 1.1.2.0 - D16 Group Audio Software)
Sigmund 1.1.2 (64bit) (HKLM\...\{F130BECD-2276-4465-8ACD-7C8D32FE830D}) (Version: 1.1.2.0 - D16 Group Audio Software)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spectrasonics Stylus RMX Library version 1.0 (HKLM-x32\...\Spectrasonics Stylus RMX Library_is1) (Version:  - Copyright (C) 2005-2011 Spectrasonics)
Spectrasonics Stylus RMX VSTi Plug-In version 1.9 (HKLM-x32\...\Spectrasonics Stylus RMX VSTi Plug-In_is1) (Version:  - Copyright (C) 2005-2011 Spectrasonics)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
Stardock IconPackager (HKLM-x32\...\Stardock IconPackager) (Version: 5.10 - Stardock Software, Inc.)
Sugar Bytes Effectrix 1.4.2 (HKLM\...\Effectrix_is1) (Version: 1.4.2 - Sugar Bytes)
Sugar Bytes Egoist 1.0.4 (HKLM\...\Egoist_is1) (Version: 1.0.4 - Sugar Bytes)
Sugar Bytes Looperator 1.0 (HKLM\...\Looperator_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sugar Bytes WOW2 2.1.0 (HKLM\...\WOW2_is1) (Version: 2.1.0 - Sugar Bytes)
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
Syntorus 1.4.0 (32bit) (HKLM-x32\...\{A6E430AC-8561-4C16-BA7F-9E52108A100A}) (Version: 1.4.0.0 - D16 Group Audio Software)
Syntorus 1.4.0 (64bit) (HKLM\...\{6E3E13E9-F55B-4A91-9D46-9766BF057289}) (Version: 1.4.0.0 - D16 Group Audio Software)
Tantra version 1.01 (HKLM\...\Tantra_is1) (Version: 1.01 - )
T-Bone version 1.5.1 (HKLM\...\T-Bone_is1) (Version: 1.5.1 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
teVirtualMIDI64 (HKLM\...\{D7B539ED-8D15-4E97-ABA8-5AF4A2F10C78}) (Version: 1.2.3.31 - Tobias Erichsen)
The Abuser version 1.0.0 (HKLM-x32\...\{9BC26A02-FE24-40A6-9FBE-B9189F67801C}_is1) (Version: 1.0.0 - Audiority)
Toraverb 1.4.0 (32bit) (HKLM-x32\...\{950AC248-B708-4011-9638-BC8E1A661DB5}) (Version: 1.4.0.0 - D16 Group Audio Software)
Toraverb 1.4.0 (64bit) (HKLM\...\{F915E9F5-13F9-487A-A7E2-AC71EBE31231}) (Version: 1.4.0.0 - D16 Group Audio Software)
touchAble Server x64 1.0.10.1263 (HKLM\...\{546D659A-3387-473C-8B6F-014662D4EC2A}_is1) (Version: 1.0.10.1263 - Zerodebug)
T-RackS CS version 4.7.1 (HKLM\...\{E931EBCC-55F9-4D67-BA0E-D57C4A893A44}_is1) (Version: 4.7.1 - IK Multimedia)
UpStereo Pro 64 (HKLM\...\{3466DA3C-970D-5D58-B9B7-5671B8E02AD9}) (Version: 2.00a - QuikQuak)
ValhallaRoom 1.1.0 (HKLM-x32\...\ValhallaRoom_is1) (Version:  - )
ValhallaUberMod 1.0.1 (HKLM-x32\...\ValhallaUberMod_is1) (Version:  - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visualizer2 (HKLM\...\Visualizer2_is1) (Version:  - NUGEN Audio)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Waves Complete V9r26 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.26 - Waves)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Xfer Records LFOTool v1.29 Beta 6 x64 (HKLM\...\Xfer Records LFOTool v1.29 Beta 6 x64_is1) (Version:  - )
Xfer Records LFOTool v1.29 Beta 6 x86 (HKLM-x32\...\Xfer Records LFOTool v1.29 Beta 6 x86_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{8E7C8D1D-82F9-3696-BDDA-DD35419305F2}\InprocServer32 -> Keine Datei Pfad
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{A6FBF445-ED72-008B-D381-3F9CADA21B6B}\InprocServer32 -> Keine Datei Pfad
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{E0EB4174-E066-93A6-3225-6864931E48FE}\InprocServer32 -> Keine Datei Pfad
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{F57AEC8E-0F8D-F866-ABE0-8EC6A26B5B17}\InprocServer32 -> Keine Datei Pfad
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2313329166-767069491-2639199306-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Icke\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

22-07-2015 13:17:07 Removed Ableton Live 9 Suite
23-07-2015 16:23:35 DirectX wurde installiert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2015-07-25 20:54 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1327BDAF-AD4B-4B62-A319-EB5D06F8445A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {193C771D-A917-47D8-A077-D5044AAF2895} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001UA => C:\Users\Icke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {76FD3F7A-CCCE-4523-8D05-C5147C745246} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001Core => C:\Users\Icke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F4BFDEA2-612A-44DB-8087-E8361B4BADDB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001Core.job => C:\Users\Icke\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2313329166-767069491-2639199306-1001UA.job => C:\Users\Icke\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-08 17:48 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-13 12:28 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2015-04-13 12:28 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-24 15:28 - 2015-03-24 15:28 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-03-24 15:28 - 2015-03-24 15:28 - 00775872 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-03-24 15:27 - 2015-03-24 15:27 - 00022016 _____ () C:\Program Files\Rainmeter\Plugins\WifiStatus.DLL
2015-03-24 15:27 - 2015-03-24 15:27 - 00020992 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2015-03-24 15:27 - 2015-03-24 15:27 - 00058368 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL
2015-03-24 15:27 - 2015-03-24 15:27 - 00016896 _____ () C:\Program Files\Rainmeter\Plugins\AdvancedCPU.DLL
2015-03-24 15:27 - 2015-03-24 15:27 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2015-04-10 23:08 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\DVBViewer\sqlite3.dll
2015-04-10 23:20 - 2011-01-19 14:27 - 00254464 _____ () C:\Program Files (x86)\DVBViewer\Plugins\Hadu.dll
2015-04-10 23:20 - 2004-11-13 01:38 - 00040960 _____ () C:\Program Files (x86)\DVBViewer\FFDeCsa.dll
2015-04-10 23:20 - 2003-11-21 12:06 - 00017408 _____ () C:\Program Files (x86)\DVBViewer\Csa.dll
2015-04-10 23:15 - 2013-04-05 21:26 - 02106368 _____ () C:\Program Files (x86)\AC3Filter\ac3filter.ax
2015-04-10 23:15 - 2013-04-05 21:27 - 01021440 _____ () C:\Program Files (x86)\AC3Filter\ac3filter_intl.dll
2015-05-30 16:21 - 2010-11-04 11:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2015-07-25 20:47 - 2015-07-25 20:47 - 00043008 _____ () c:\users\icke\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk_3hds.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Icke\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Icke\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Icke\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Icke\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Icke\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Icke\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Icke\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-01 20:35 - 2015-06-01 20:35 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-06-01 20:35 - 2015-06-01 20:35 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-06-01 20:35 - 2015-06-01 20:35 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Icke\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Icke\AppData\Local\Temporary Internet Files:AyDwOMDukgcT1FYYJ

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. The "AlternateShell" value will be restored.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2313329166-767069491-2639199306-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Icke\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\space wallpaper (124).jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ASUS Ai Charger"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2313329166-767069491-2639199306-1001\...\StartupApproved\Run: => "Dropbox Update"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{B30A7DF3-22EF-40DC-8220-42E15EA61484}C:\users\icke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\icke\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{06104C16-EFF3-492F-944F-B42FDEB518A7}C:\users\icke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\icke\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DA93FE21-5A4E-416C-87FC-AC652AEE48EE}D:\programme\load\load.exe] => (Allow) D:\programme\load\load.exe
FirewallRules: [UDP Query User{3E011128-4BCE-448B-87F5-50B2BDC8A03E}D:\programme\load\load.exe] => (Allow) D:\programme\load\load.exe
FirewallRules: [TCP Query User{EC188EE1-6DC3-461C-8DEC-678548262632}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe
FirewallRules: [UDP Query User{F5B07434-914C-4B79-BF18-6BEBBBB60172}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe
FirewallRules: [TCP Query User{AE8DC4C3-5C2D-4CC8-8C29-2116E131BEB7}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{EC17E497-D07E-4C37-8040-01C278286FA7}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{C7721D48-EB29-497E-86CA-504E4F0F29BE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AE42803B-77E7-49CB-9E59-489A9527CE05}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CA9976FC-65D6-4D43-9CFE-E12C6CC11B4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0065E7F-4E9B-4D7B-A898-2578D5BB07A4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C3961EF-615E-4173-9578-0BEFE72BE2F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0A681AC4-AACD-467A-B792-2D7F26FC3D14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A3BC1E4F-44B2-4B9F-8C8A-386D3003F572}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{46AB14BA-B1ED-452D-8368-1042E35FA815}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{207EADF9-A45E-431B-B1F9-9E14D1509F94}C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe] => (Allow) C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe
FirewallRules: [UDP Query User{24DE3BC5-8C9C-49AD-BE6A-826C692DA458}C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe] => (Allow) C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe
FirewallRules: [{868E58D9-E8A9-46B8-AFC5-D76754B1FB7A}] => (Allow) C:\Users\Icke\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F5765E2F-7660-4E55-ADDC-8D2AA9EC4BA7}] => (Allow) C:\Users\Icke\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{689170AE-DF59-4864-A37E-BCE488970A49}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E95834A5-DF43-4F8C-8E45-7F1227C6E83F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C82D0C51-BDBA-47B0-82B9-E52798429E83}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1E029D3-B8F5-46B3-A25A-0FC65F4868FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{FFFC0894-6F87-48DF-9278-F6EE797073E9}C:\program files (x86)\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{6A4133E3-E1E6-4F7C-A00F-2ACD6729B2D5}C:\program files (x86)\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [{AC394E00-2931-445E-A608-3DC909BD532E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{AA283078-3DD2-45BF-8E82-C3F0B46AE844}] => (Allow) C:\AUDIO\Apps\touchAble\touchAbleServer.exe
FirewallRules: [{01DABDBD-54D8-4DD6-8FAA-D80D91013CC3}] => (Allow) C:\AUDIO\Apps\touchAble\touchAbleServer.exe
FirewallRules: [TCP Query User{53AD0B0E-AF4C-4157-8F1C-905C4857AF05}C:\program files (x86)\the witcher 2 assassins of kings enhanced edition\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2 assassins of kings enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{14D27E98-8782-4410-9EBE-3EAB287EED27}C:\program files (x86)\the witcher 2 assassins of kings enhanced edition\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2 assassins of kings enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{A1ACDA12-3619-4957-A796-630AB85138C9}C:\users\icke\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\icke\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{117215C0-544F-41CD-ACFC-33E52C1E59B5}C:\users\icke\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\icke\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{70299C82-2721-4114-B30F-8911F8A8809A}C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe] => (Allow) C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe
FirewallRules: [UDP Query User{95DE351B-B957-4C0F-9CBF-DF02EA1FDB08}C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe] => (Allow) C:\audio\ableton live 9 x64\program\ableton live 9 suite.exe
FirewallRules: [TCP Query User{BACDDAF7-4BD0-493C-B5D8-DFD84269DF90}D:\programme\load\load.exe] => (Allow) D:\programme\load\load.exe
FirewallRules: [UDP Query User{3A9395EF-6678-482F-8854-3ED5344A47A8}D:\programme\load\load.exe] => (Allow) D:\programme\load\load.exe
FirewallRules: [TCP Query User{A502904E-AFC9-4478-B496-D4C9171A7F0A}C:\users\icke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\icke\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BFD0FA9A-E692-4026-BA4E-105900F6B09F}C:\users\icke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\icke\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{501D53FA-0AE4-4BD5-8AE5-44A76DE8AA17}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CBEF9C64-DC35-4435-950E-6AAA03BF0922}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{F3C6071D-97EE-4476-8913-E272F557A39D}C:\program files (x86)\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{374CCD15-85AA-4D30-8FAE-6D60CDEC5520}C:\program files (x86)\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{784BDF70-45E5-4E38-B4AC-288A70861B7D}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe
FirewallRules: [UDP Query User{4FAB9DD7-375F-4C2D-91AC-65982AB25091}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe
FirewallRules: [TCP Query User{C542349C-75FA-4CAD-B8A0-51CC70F65B4D}C:\audio\ableton live 9 x86\program\ableton live 9 suite.exe] => (Allow) C:\audio\ableton live 9 x86\program\ableton live 9 suite.exe
FirewallRules: [UDP Query User{32DA8766-4E3E-43E7-821F-1B774459569B}C:\audio\ableton live 9 x86\program\ableton live 9 suite.exe] => (Allow) C:\audio\ableton live 9 x86\program\ableton live 9 suite.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/25/2015 08:46:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x134c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (07/25/2015 08:46:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xd3c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (07/25/2015 04:36:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dvbviewer.exe, Version: 5.3.2.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: FFDeCsa.dll, Version: 0.0.0.0, Zeitstempel: 0x41951f4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000090e0
ID des fehlerhaften Prozesses: 0xb94
Startzeit der fehlerhaften Anwendung: 0xdvbviewer.exe0
Pfad der fehlerhaften Anwendung: dvbviewer.exe1
Pfad des fehlerhaften Moduls: dvbviewer.exe2
Berichtskennung: dvbviewer.exe3
Vollständiger Name des fehlerhaften Pakets: dvbviewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dvbviewer.exe5

Error: (07/25/2015 11:56:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dvbviewer.exe, Version: 5.3.2.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: FFDeCsa.dll, Version: 0.0.0.0, Zeitstempel: 0x41951f4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000090e0
ID des fehlerhaften Prozesses: 0x1060
Startzeit der fehlerhaften Anwendung: 0xdvbviewer.exe0
Pfad der fehlerhaften Anwendung: dvbviewer.exe1
Pfad des fehlerhaften Moduls: dvbviewer.exe2
Berichtskennung: dvbviewer.exe3
Vollständiger Name des fehlerhaften Pakets: dvbviewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dvbviewer.exe5

Error: (07/25/2015 11:56:32 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm dvbviewer.exe, Version 5.3.2.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11cc

Startzeit: 01d0c6c01f08b62b

Endzeit: 17

Anwendungspfad: C:\Program Files (x86)\DVBViewer\dvbviewer.exe

Berichts-ID: 6b4ebacc-32b3-11e5-830b-74d435e923de

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/25/2015 11:56:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dvbviewer.exe, Version: 5.3.2.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: FFDeCsa.dll, Version: 0.0.0.0, Zeitstempel: 0x41951f4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000090e0
ID des fehlerhaften Prozesses: 0x11cc
Startzeit der fehlerhaften Anwendung: 0xdvbviewer.exe0
Pfad der fehlerhaften Anwendung: dvbviewer.exe1
Pfad des fehlerhaften Moduls: dvbviewer.exe2
Berichtskennung: dvbviewer.exe3
Vollständiger Name des fehlerhaften Pakets: dvbviewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dvbviewer.exe5

Error: (07/24/2015 05:48:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dvbviewer.exe, Version: 5.3.2.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: FFDeCsa.dll, Version: 0.0.0.0, Zeitstempel: 0x41951f4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000090e0
ID des fehlerhaften Prozesses: 0xfa8
Startzeit der fehlerhaften Anwendung: 0xdvbviewer.exe0
Pfad der fehlerhaften Anwendung: dvbviewer.exe1
Pfad des fehlerhaften Moduls: dvbviewer.exe2
Berichtskennung: dvbviewer.exe3
Vollständiger Name des fehlerhaften Pakets: dvbviewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dvbviewer.exe5

Error: (07/24/2015 11:25:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dvbviewer.exe, Version: 5.3.2.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: FFDeCsa.dll, Version: 0.0.0.0, Zeitstempel: 0x41951f4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000090e0
ID des fehlerhaften Prozesses: 0xc1c
Startzeit der fehlerhaften Anwendung: 0xdvbviewer.exe0
Pfad der fehlerhaften Anwendung: dvbviewer.exe1
Pfad des fehlerhaften Moduls: dvbviewer.exe2
Berichtskennung: dvbviewer.exe3
Vollständiger Name des fehlerhaften Pakets: dvbviewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dvbviewer.exe5

Error: (07/24/2015 10:27:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dvbviewer.exe, Version: 5.3.2.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: FFDeCsa.dll, Version: 0.0.0.0, Zeitstempel: 0x41951f4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000090e0
ID des fehlerhaften Prozesses: 0x950
Startzeit der fehlerhaften Anwendung: 0xdvbviewer.exe0
Pfad der fehlerhaften Anwendung: dvbviewer.exe1
Pfad des fehlerhaften Moduls: dvbviewer.exe2
Berichtskennung: dvbviewer.exe3
Vollständiger Name des fehlerhaften Pakets: dvbviewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dvbviewer.exe5

Error: (07/23/2015 10:51:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Arschmade._omni-live._tcp.local. port 1582.


Systemfehler:
=============
Error: (07/25/2015 08:47:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/25/2015 08:47:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/25/2015 08:47:15 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (07/25/2015 08:47:01 PM) (Source: DCOM) (EventID: 10010) (User: ARSCHMADE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/25/2015 08:47:01 PM) (Source: DCOM) (EventID: 10010) (User: ARSCHMADE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/25/2015 08:46:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/25/2015 08:46:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/25/2015 08:27:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/25/2015 08:26:58 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (07/25/2015 08:26:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (07/25/2015 08:46:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa134c01d0c70a2aaefe47C:\Users\Icke\Desktop\Gmer-19357.exeC:\Users\Icke\Desktop\Gmer-19357.exe6a2b0410-32fd-11e5-830d-74d435e923de

Error: (07/25/2015 08:46:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aad3c01d0c70a21f2bcd9C:\Users\Icke\Desktop\Gmer-19357.exeC:\Users\Icke\Desktop\Gmer-19357.exe65465120-32fd-11e5-830d-74d435e923de

Error: (07/25/2015 04:36:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dvbviewer.exe5.3.2.02a425e19FFDeCsa.dll0.0.0.041951f4ac0000005000090e0b9401d0c6e756b63fe2C:\Program Files (x86)\DVBViewer\dvbviewer.exeC:\Program Files (x86)\DVBViewer\FFDeCsa.dll94a12bd0-32da-11e5-830b-74d435e923de

Error: (07/25/2015 11:56:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dvbviewer.exe5.3.2.02a425e19FFDeCsa.dll0.0.0.041951f4ac0000005000090e0106001d0c6c03134f8daC:\Program Files (x86)\DVBViewer\dvbviewer.exeC:\Program Files (x86)\DVBViewer\FFDeCsa.dll6f1d464b-32b3-11e5-830b-74d435e923de

Error: (07/25/2015 11:56:32 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: dvbviewer.exe5.3.2.011cc01d0c6c01f08b62b17C:\Program Files (x86)\DVBViewer\dvbviewer.exe6b4ebacc-32b3-11e5-830b-74d435e923de

Error: (07/25/2015 11:56:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dvbviewer.exe5.3.2.02a425e19FFDeCsa.dll0.0.0.041951f4ac0000005000090e011cc01d0c6c01f08b62bC:\Program Files (x86)\DVBViewer\dvbviewer.exeC:\Program Files (x86)\DVBViewer\FFDeCsa.dll5d0bf000-32b3-11e5-830b-74d435e923de

Error: (07/24/2015 05:48:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dvbviewer.exe5.3.2.02a425e19FFDeCsa.dll0.0.0.041951f4ac0000005000090e0fa801d0c6282c96b967C:\Program Files (x86)\DVBViewer\dvbviewer.exeC:\Program Files (x86)\DVBViewer\FFDeCsa.dll6a83639e-321b-11e5-830a-74d435e923de

Error: (07/24/2015 11:25:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dvbviewer.exe5.3.2.02a425e19FFDeCsa.dll0.0.0.041951f4ac0000005000090e0c1c01d0c5f2ac3dc619C:\Program Files (x86)\DVBViewer\dvbviewer.exeC:\Program Files (x86)\DVBViewer\FFDeCsa.dllea3e491e-31e5-11e5-830a-74d435e923de

Error: (07/24/2015 10:27:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dvbviewer.exe5.3.2.02a425e19FFDeCsa.dll0.0.0.041951f4ac0000005000090e095001d0c5ea87760faaC:\Program Files (x86)\DVBViewer\dvbviewer.exeC:\Program Files (x86)\DVBViewer\FFDeCsa.dllc57c54c6-31dd-11e5-8308-74d435e923de

Error: (07/23/2015 10:51:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Arschmade._omni-live._tcp.local. port 1582.


CodeIntegrity Fehler:
===================================
  Date: 2015-07-25 20:36:54.193
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-25 20:36:18.692
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-23 20:33:10.796
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.

  Date: 2015-07-22 13:20:25.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-19 03:10:02.563
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-19 03:08:15.477
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-19 03:04:14.145
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.

  Date: 2015-06-18 08:17:02.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-18 08:15:26.645
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-18 08:11:56.972
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Programme\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 13%
Total physical RAM: 16286.14 MB
Available physical RAM: 14126.21 MB
Total Virtual: 32670.14 MB
Available Virtual: 30132.64 MB

==================== Drives ================================

Drive c: (PLAYSTATION) (Fixed) (Total:232.66 GB) (Free:138.28 GB) NTFS
Drive d: (LiBS + TOOLS) (Fixed) (Total:931.51 GB) (Free:122.63 GB) NTFS
Drive e: (ABLESTOFF) (Fixed) (Total:476.84 GB) (Free:196.68 GB) NTFS
Drive f: (KONTAKTSTOFF) (Fixed) (Total:465.63 GB) (Free:154.4 GB) NTFS
Drive g: (LIFESAVER) (Fixed) (Total:465.76 GB) (Free:204.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 62F98D8E)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 58FD5714)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 2A1BAD33)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0105E7D0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von log ============================
         
Angehängte Dateien
Dateityp: txt FRST.txt (36,5 KB, 91x aufgerufen)
Dateityp: txt Addition.txt (55,9 KB, 98x aufgerufen)
Dateityp: log defogger_disable.log (470 Bytes, 67x aufgerufen)

Geändert von Audiofreak (25.07.2015 um 21:12 Uhr)

Alt 25.07.2015, 21:08   #2
Machiavelli
 
loop.exe in Temp - Standard

loop.exe in Temp



Irgendwie macht jeder den gleichen Fehler.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Antwort

Themen zu loop.exe in Temp
angehängt, defogger, gefunde, gmer, grand theft auto, malwarebytes, nichts, prozesse, scan, spark, temp, troja, trojaner, trojaner?, wissen, würde



Ähnliche Themen: loop.exe in Temp


  1. TR/Agent.7375 in C:\Users\HerrTest\AppData\Local\Temp\nscA085.tmp\temp\5FT.zip
    Log-Analyse und Auswertung - 18.10.2015 (13)
  2. Firefox Verlauf verseucht: bestimmte Seite wird immer im Loop als zuletzt besucht erfasst
    Log-Analyse und Auswertung - 30.10.2014 (3)
  3. Login Loop nach T-mobile MMS Trojaner
    Plagegeister aller Art und deren Bekämpfung - 12.02.2013 (17)
  4. Login Loop nach T-mobile MMS Trojaner
    Plagegeister aller Art und deren Bekämpfung - 09.02.2013 (11)
  5. TrojWare.Win32.Buzus.carj in C:\Windows\Temp\HInfo.exe bzw. C:\Windows\Temp\restart.exe
    Plagegeister aller Art und deren Bekämpfung - 27.09.2012 (2)
  6. Facebook Hackangriff-Roadblock loop
    Plagegeister aller Art und deren Bekämpfung - 20.05.2012 (1)
  7. Avira findet TR/EyeStye.N.1213 unter C:\User\***\AppData\Local\Temp\203.temp
    Log-Analyse und Auswertung - 31.10.2011 (5)
  8. Win XP Login Loop
    Alles rund um Windows - 29.08.2010 (2)
  9. Trojaner TR/Crypt.ZPACK.gen in C:/WINDOWS/TEMP/xxxx.temp/svchost.exe
    Plagegeister aller Art und deren Bekämpfung - 30.04.2010 (33)
  10. TR/Crypt.ZPACK.Gen in C:\Temp\bcot.tmp\svchost.exe , C:\Temp\qmub.tmp\svchost.exe usw
    Plagegeister aller Art und deren Bekämpfung - 12.04.2010 (1)
  11. Windows XP wird nicht mehr geladen!Bluesreen-Kennwort im Loop!
    Alles rund um Windows - 25.03.2010 (1)
  12. JAVA/Dldr.Agent.L C:\windows\Temp\~77E1.temp
    Plagegeister aller Art und deren Bekämpfung - 05.01.2010 (2)
  13. mx_**.temp dateien in windows/temp ordner?
    Plagegeister aller Art und deren Bekämpfung - 27.06.2007 (1)
  14. ADSPY/Bar.loop gefunden, wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 19.06.2006 (15)
  15. temp/se.dll
    Plagegeister aller Art und deren Bekämpfung - 24.10.2005 (1)
  16. temp/se.dll
    Mülltonne - 24.10.2005 (0)
  17. hossa ich hab da ein kleines problem mit so´nem loop schwein
    Log-Analyse und Auswertung - 21.04.2005 (1)

Zum Thema loop.exe in Temp - Hallo, ich habe nach einem Malwarebytes Scan den loop.exe (vermutl. Trojaner?) in Temp gefunden. Mir ist ansonsten nichts Besonderes wie auffällige Prozesse o.ä. aufgefallen. Würde trotzdem gerne wissen, ob da - loop.exe in Temp...
Archiv
Du betrachtest: loop.exe in Temp auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.