Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Pishing Mail ?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.06.2015, 11:21   #1
ertanal
 
Pishing Mail ? - Standard

Pishing Mail ?



Hallo TB-Bewohner, ich habe in meinem "Unbekannten Ordner" eine Mail stehen von der Deutschen Bank.
So lautet die überschrift: "sicheres-bezahlen im Internet - Bestätigung erforderlich!"
ich soll auf Bestätigung durchführen klicken, wenn ich nicht innerhalb von 14 Tagen
nicht bestätige muss ich mit nem Gebühr in Höhe von 54,95 rechnen.

Edit: Ich hab schon raufgeklickt, da ich davon ausging, dass es eine Sicherungs Verfahren von der Deutschen Bank ist, allerdings sprang sofort nach dem klick auf und warnte mich und fand diese Infektion: Html:redirME-inf[Trj]

Danke im voraus

edit:Wieso war die Mail im Unbekannten Ordner und nicht im Spam Ordner

Alt 12.06.2015, 12:26   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Pishing Mail ? - Standard

Pishing Mail ?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 12.06.2015, 12:33   #3
ertanal
 
Pishing Mail ? - Standard

Pishing Mail ?



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by optik (administrator) on TWINZ on 12-06-2015 13:31:34
Running from C:\Users\optik\Desktop
Loaded Profiles: optik (Available Profiles: optik)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by optik at 2015-06-12 13:32:02
Running from C:\Users\optik\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2461873215-4186745203-1289361242-500 - Administrator - Disabled)
Gast (S-1-5-21-2461873215-4186745203-1289361242-501 - Limited - Disabled)
optik (S-1-5-21-2461873215-4186745203-1289361242-1001 - Administrator - Enabled) => C:\Users\optik
UpdatusUser (S-1-5-21-2461873215-4186745203-1289361242-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{180B50DF-B2C8-43A1-AB97-2101AA62DDD3}) (Version: 12.0.0 - Helmut Buhler)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DreadOut Demo (HKLM-x32\...\Steam App 299130) (Version:  - Digital Happiness)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 13 Demo (HKLM-x32\...\{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 Demo (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
Free MP4 Video Converter version 5.0.37.327 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.37.327 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
GpuTemp (HKLM\...\{0FFA85AB-D704-48A6-A009-25A0559152C3}) (Version: 2.1 - WR-Tools)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Skullgirls (HKLM-x32\...\Steam App 245170) (Version:  - Lab Zero Games)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Terrordrome_Final (HKLM-x32\...\{1EE65D14-6927-405F-A640-43ECBC9AB85C}) (Version: 2.9.5 - HuracanStudio)
Terrordrome_Final V2.9.5 (HKLM-x32\...\Terrordrome_Final V2.9.5) (Version: V2.9.5 - HuracanStudio)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
Unity Web Player (HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\optik\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\optik\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001_Classes\CLSID\{9CF1512B-6019-4573-9466-57AA61960209}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points =========================

20-05-2015 13:06:39 Geplanter Prüfpunkt
31-05-2015 13:01:37 Geplanter Prüfpunkt
06-06-2015 14:16:14 Windows Update
09-06-2015 00:13:50 Installed Project64 1.6

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06B26CBD-75FC-4814-98CB-6337BE595DB5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {14622FD5-343E-43E2-AA67-CAA028E8E313} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21] (Adobe Systems Incorporated)
Task: {4DF1BE17-5553-4393-9D8E-C8F52906C260} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {5E25D2EF-EC7A-48CB-89EF-50FE6C724C02} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6A99E002-2095-4572-8F7D-0E9D1C8581A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {8435C395-5D8F-49F4-A3F4-4BC9A83B33E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {8586DDAE-77F0-4FE2-9790-8389CCB53926} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {9637C51F-F76B-4FC1-B908-2613AA3B89B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {9C207940-0D1F-40E8-AE96-65490CA4E91C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {B5D22752-A7C4-4B63-9FF9-D6560E5F5C1F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-13] (Avast Software s.r.o.)
Task: {EB6297F0-74C2-43CF-AD71-3031D0F0FF0F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EF42B16B-BD18-4A65-9BAE-5947BC9A4ADF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F29078D9-C8A1-4E6C-8747-40828071D39D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F92C8E55-E6DB-4E41-BD9C-EEAE1810FCB2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2012-08-29 12:02 - 2012-08-29 12:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-10-27 15:21 - 2014-10-30 04:10 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-27 16:11 - 2014-10-27 16:11 - 00120224 _____ () C:\Users\optik\AppData\Local\assembly\dl3\4K796MHC.KKM\9BQW35LW.Q7P\98a9c14b\0017145d_cd85cd01\HPItunesModule.DLL
2015-05-13 20:02 - 2015-05-13 20:02 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-13 20:02 - 2015-05-13 20:02 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-11 12:16 - 2015-06-11 12:16 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061100\algo.dll
2015-06-12 12:19 - 2015-06-12 12:19 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061200\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-26 19:05 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-11-26 19:10 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-03-17 12:13 - 2015-03-17 12:13 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\optik\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\optik\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 62.109.121.2 - 62.109.121.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{1290F6E6-8A57-4451-BCC6-24FFC78A06AA}C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe] => (Block) C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe
FirewallRules: [TCP Query User{EA2FE541-DC25-4B04-A2EE-18A47391A251}C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe] => (Block) C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe
FirewallRules: [UDP Query User{DCC6B67A-69E0-447A-AF40-059D9DC9F1DB}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{4AA3DA39-96E4-47D0-ACC5-CCB39770F83C}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{22C48B7E-FC1D-4CBD-8655-843BEF3FE8CE}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [TCP Query User{29D859C4-9CEC-4EF4-9C1C-445AA912950F}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [{E0C52C12-0B7D-4D13-8B4B-5D95F6D1D7AA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{23C45605-B5E2-47BE-9749-9040E171EBBA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{B00B1C5A-DDEB-4DEC-BB60-A04BF87F1B72}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{21686015-0057-491B-A66F-5E0553F736AC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B1F110D5-EED6-4CBD-A7AE-7EBC83A89AE4}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe
FirewallRules: [{6FC06191-EDF1-4216-9A4E-6FDD7B78FBFC}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe
FirewallRules: [{366B2DE1-2C4C-4BE5-8A1F-1E849BA5E851}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe
FirewallRules: [{61253F81-CD4E-4C5A-AD87-50EC7E6F5B9E}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe
FirewallRules: [{17A17685-47A0-44A1-A380-7DAD7EF24B88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{60A61EFA-3CD6-40A5-9884-D4D71E5352E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{0F639903-8662-4DA9-A009-1988624EBE1A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5DBEEF1B-0E0E-4F73-8C82-ED9DFF228538}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{A50DB810-DADB-406B-87FD-77C9EB03D6EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{C551166D-F754-4F4F-93DA-E861C2316BAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darkness II\DarknessII.exe
FirewallRules: [{04A8AD80-1190-4C5B-A31A-2976739D2A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darkness II\DarknessII.exe
FirewallRules: [{50414D68-36B5-43AC-AFA9-5FDBACCE44FD}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13 Demo\Game\fifa13_demo.exe
FirewallRules: [{513E52D3-344D-4D06-BB3B-F5FCB898E342}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13 Demo\Game\fifa13_demo.exe
FirewallRules: [{F23E50E8-86F1-4BF6-BE53-FA6261FF969B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{06190683-94A7-462C-BF33-D8DE9DC73EF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{B8C67915-FB09-461D-8B0F-15100BFE3F89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FB048A7-2D57-4DEC-BEF4-2DE7CE153CF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{19AC9963-0DC4-4BEB-89CC-6FB224855B5B}] => (Allow) LPort=1900
FirewallRules: [{983C26A4-90CE-410F-A263-AF7EABCB1DDF}] => (Allow) LPort=2869
FirewallRules: [{08BAF4BB-DCF6-40DB-9D02-087D68AFD9AD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7BD47BC4-620E-4102-BDFE-DAA8CC2A555C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E664925A-B83A-4530-AF72-7D1F0C0C86FD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1BDCB2FA-2DFC-423E-8A32-CD261B1B764D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CB30C67-CFB7-41A5-899D-4EC999721796}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{63876693-1A38-4BEC-B05A-76820122B8D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB555E2E-D8A0-45AE-80D8-D9ACA41253DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{1E1D9492-6244-4E47-AD58-427636C1C737}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{FB64C4F3-7FAF-4A54-BCF1-97B1449BA50C}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [TCP Query User{CF791C29-ABDE-49EE-8553-A641960F5725}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{B2D8C3C5-41BF-472E-895E-6325AF6172A9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{4974F657-632B-4F17-8A30-71778DA2F2E0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{6542C786-4B80-4CBA-A5D4-1EAFC15B26E1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{444F1D2F-FBA1-4D3B-AD76-198DD0275822}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{8DF48FCA-561F-4A04-997E-272C9FA7BFAD}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{FFE1247B-468B-4247-A102-7D40160DA777}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C739E9C-9BED-468A-A397-73B5B40D9067}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0CFD6A1A-6EA0-4B8E-9F0C-D376CE31378F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14 Demo\Game\fifa14_demo.exe
FirewallRules: [{9A55A05A-E229-4A83-AF7C-D6FC783C3A08}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14 Demo\Game\fifa14_demo.exe
FirewallRules: [{BDBEE78E-663C-4A32-989D-5737CB5D9FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DreadOut Demo\DreadOutDemo.exe
FirewallRules: [{EEBA271A-601C-46CB-B4FA-9F786666DAF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DreadOut Demo\DreadOutDemo.exe
FirewallRules: [{52C3CB11-4EFF-4109-B303-3AC95DDB4831}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{B4863902-1E2A-4702-B24F-1A637AE58BAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{B85DF138-37D2-442B-A5FF-6F8E2A479346}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{38A5CF0A-38C0-49EA-9E13-B65F17FF964F}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{91223428-1506-4680-B804-8DBBFA875CAF}] => (Allow) C:\Users\optik\Desktop\firefox.exe
FirewallRules: [{A9DDB4AB-32D0-45E3-9D90-47B29DC1F0A8}] => (Allow) C:\Users\optik\Desktop\firefox.exe
FirewallRules: [{6140C8D5-9317-4EF0-AF1D-93CA91E1FE78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{209D3E66-8194-439D-ABF3-05A5C68727A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [TCP Query User{36457055-BC5F-43FD-B562-2CF06564AC71}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{100CAA9B-2EAB-4E0B-938E-14F1DA41E817}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{B508014B-D7AF-42BD-855D-08A251149A98}] => (Allow) LPort=53000
FirewallRules: [{EA866997-09E6-455C-855B-40C0243A28B3}] => (Allow) LPort=52000

==================== Faulty Device Manager Devices =============

Name: Apple iPhone
Description: Apple iPhone
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Apple Inc.
Service: WUDFWpdMtp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2015 10:36:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x198c
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 10:36:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x1738
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 10:35:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0xec
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 09:01:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm pcsx2-r4600.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1abc

Startzeit: 01d0a3ae2d66aba0

Endzeit: 4294967295

Anwendungspfad: C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe

Berichts-ID: 1461de32-0fa3-11e5-bea1-b4b52fc7a0fe

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/10/2015 08:49:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x14b8
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 02:52:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x1474
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 02:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x158c
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 02:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 01:23:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0xd70
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 01:19:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x14b4
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5


System errors:
=============
Error: (06/12/2015 11:43:26 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:41:37 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:39:27 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:39:23 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:37:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/10/2015 01:24:11 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/09/2015 08:23:18 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/09/2015 08:23:09 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/09/2015 08:20:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/05/2015 03:05:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office:
=========================
Error: (06/10/2015 10:36:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016198c01d0a3bd1d54f39bC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe664c929f-0fb0-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 10:36:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016173801d0a3bd0c7887e8C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe57a9ed3a-0fb0-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 10:35:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016ec01d0a3bd01b7032fC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe45efdb19-0fb0-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 09:01:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: pcsx2-r4600.exe0.0.0.01abc01d0a3ae2d66aba04294967295C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe1461de32-0fa3-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 08:49:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c901614b801d0a3ae1afc4ee9C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe60c1331a-0fa1-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 02:52:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016147401d0a37c1abd642aC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe8b2a3147-0f6f-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 02:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016158c01d0a37be532cfa8C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe44bb1548-0f6f-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 02:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016e1401d0a37b529ac60aC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe9a9be619-0f6e-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 01:23:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016d7001d0a36fd5019792C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe2386df52-0f63-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 01:19:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c901614b401d0a36ea43523adC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe9e98f13a-0f62-11e5-bea1-b4b52fc7a0fe


CodeIntegrity Errors:
===================================
  Date: 2015-05-13 22:14:11.429
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:11.085
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:10.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:10.585
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:10.178
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:09.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.116
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 8147.35 MB
Available physical RAM: 6099.3 MB
Total Pagefile: 8547.35 MB
Available Pagefile: 6033.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1849.89 GB) (Free:1614.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 59A27AD7)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- --- --- --- --- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (W. Rolke) C:\Program Files (x86)\GpuTmp64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize Startup: C:\Users\optik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GpuTemp.lnk [2014-05-15] ShortcutTarget: GpuTemp.lnk -> C:\Users\optik\AppData\Roaming\Microsoft\Installer\{0FFA85AB-D704-48A6-A009-25A0559152C3}\_1168EA9E829EB9D5F56A58.exe () Startup: C:\Users\optik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar281.lnk [2015-06-12] ShortcutTarget: Sidebar281.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-13] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={EE0600AC-BB70-4284-95DD-AC086AB81948}&mid=3a82d230ca8847cd9d2665fc6923490d-47098512e241147adf33d02b0e79579ba0743eeb&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2015-06-09 22:06:30&v=18.5.0.909&pid=safeguard&sg=&sap=hp HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 SearchScopes: HKLM -> {8218E8BC-E228-4079-8CE7-6EA6CCCEA191} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D032715-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms} SearchScopes: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D032715-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms} SearchScopes: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={EE0600AC-BB70-4284-95DD-AC086AB81948}&mid=3a82d230ca8847cd9d2665fc6923490d-47098512e241147adf33d02b0e79579ba0743eeb&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2015-06-09 22:06:30&v=18.5.0.909&pid=safeguard&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = SearchScopes: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-03] (Avast Software s.r.o.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-03] (Avast Software s.r.o.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-06-09] (AVG Secure Search) Tcpip\..\Interfaces\{BF2A7DDF-191F-4DBA-9518-9620668B1B1F}: [NameServer] 62.109.121.2 62.109.121.1 FireFox: ======== FF ProfilePath: C:\Users\optik\AppData\Roaming\Mozilla\Firefox\Profiles\p9jyse6p.default-1431195495895 FF NewTab: google.com FF SelectedSearchEngine: AVG Secure Search FF Homepage: google.com FF Keyword.URL: FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-10-30] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-30] (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin HKU\S-1-5-21-2461873215-4186745203-1289361242-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\optik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS) FF SearchPlugin: C:\Users\optik\AppData\Roaming\Mozilla\Firefox\Profiles\p9jyse6p.default-1431195495895\searchplugins\avg-secure-search.xml [2015-06-09] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-06-09] FF Extension: Ant Video Downloader - C:\Users\optik\AppData\Roaming\Mozilla\Firefox\Profiles\p9jyse6p.default-1431195495895\Extensions\anttoolbar@ant.com [2015-05-29] FF Extension: WOT - C:\Users\optik\AppData\Roaming\Mozilla\Firefox\Profiles\p9jyse6p.default-1431195495895\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29] FF Extension: Adblock Plus - C:\Users\optik\AppData\Roaming\Mozilla\Firefox\Profiles\p9jyse6p.default-1431195495895\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-12] StartMenuInternet: FIREFOX.EXE - C:\Users\optik\Desktop\firefox.exe Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [File not signed] R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-09-19] (IDT, Inc.) [File not signed] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-27] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-13] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-13] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-13] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-13] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-13] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-13] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-13] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-13] () R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation) S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X] S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-12 13:31 - 2015-06-12 13:31 - 02108928 _____ (Farbar) C:\Users\optik\Desktop\FRST64.exe 2015-06-12 13:31 - 2015-06-12 13:31 - 00016859 _____ C:\Users\optik\Desktop\FRST.txt 2015-06-12 13:31 - 2015-06-12 13:31 - 00000000 ____D C:\FRST 2015-06-11 12:15 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-11 12:15 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-11 12:15 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-06-11 12:15 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-11 12:15 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-11 12:15 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-11 12:15 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-11 12:15 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-11 12:15 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-11 12:15 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-11 12:15 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-11 12:15 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-11 12:15 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-11 12:15 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-11 12:15 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-11 12:15 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-11 12:15 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-11 12:15 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-11 12:15 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-11 12:15 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-11 12:15 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-11 12:15 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-11 12:15 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-11 12:15 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-11 12:15 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-11 12:15 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-11 12:15 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-06-11 12:15 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-11 12:15 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-11 12:15 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-11 12:15 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-11 12:15 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-11 12:15 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-11 12:15 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-11 12:15 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-06-11 12:15 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-11 12:15 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-11 12:15 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-11 12:15 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-11 12:15 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-11 12:15 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-11 12:15 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-11 12:15 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-06-11 12:15 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-11 12:15 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-11 12:15 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-06-11 12:15 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-06-11 12:15 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-06-11 12:15 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-06-11 12:15 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-11 12:15 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-11 12:15 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-11 12:15 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-11 12:15 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-11 12:15 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-11 12:15 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-11 12:15 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-06-11 12:15 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-11 12:15 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-11 12:15 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-11 12:15 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-11 12:15 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-11 12:15 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-11 12:15 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-06-11 12:15 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-11 12:15 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-11 12:15 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-11 12:15 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-06-11 12:15 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-11 12:15 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-11 12:15 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-11 12:15 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-11 12:15 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-11 00:14 - 2015-06-11 00:18 - 00000000 ____D C:\Users\optik\Desktop\NullDC 1.0.4-389 2015-06-10 13:13 - 2015-06-11 00:47 - 00000000 ____D C:\Users\optik\Desktop\PCSX2 0.9.8 2015-06-10 13:13 - 2015-06-10 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2 2015-06-09 22:06 - 2015-06-10 16:07 - 00000000 ____D C:\Users\optik\AppData\Local\AVG SafeGuard toolbar 2015-06-09 22:06 - 2015-06-10 13:13 - 00000000 ____D C:\WINDOWS\SysWOW64\directx 2015-06-09 22:06 - 2015-06-09 22:06 - 00000000 ____D C:\ProgramData\AVG Secure Search 2015-06-09 22:06 - 2015-06-09 22:06 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar 2015-06-09 22:06 - 2015-06-09 22:06 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar 2015-06-09 12:41 - 2015-06-09 12:42 - 00000000 ____D C:\Users\optik\Desktop\dolphin-3.0-win64 2015-06-09 00:14 - 2015-06-09 00:46 - 00000000 ____D C:\Users\optik\Desktop\Project64 1.6 2015-06-09 00:14 - 2015-06-09 00:14 - 00000000 ____D C:\Users\optik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6 2015-06-08 15:53 - 2015-06-09 00:28 - 00000000 ____D C:\Users\optik\Desktop\zsnesw151 2015-06-07 22:43 - 2015-06-07 22:49 - 00000000 ____D C:\Users\optik\Desktop\Kawaks 2015-06-05 15:33 - 2015-06-05 15:33 - 00000000 ____D C:\Users\optik\Documents\Skullgirls 2015-06-05 11:44 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-05 11:44 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-05 11:44 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-05 11:44 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-06-05 11:44 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-06-05 11:44 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-05 11:44 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-05 11:44 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-06-03 13:02 - 2015-06-09 20:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-01 21:01 - 2015-06-01 21:01 - 00000000 ____D C:\Users\optik\AppData\Local\GWX 2015-05-17 19:13 - 2015-05-17 19:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf 2015-05-17 18:39 - 2015-05-17 18:39 - 00000122 _____ C:\Users\optik\AppData\Roaming\profiles.ini 2015-05-17 18:39 - 2015-05-17 18:39 - 00000000 ____D C:\Users\optik\AppData\Roaming\Crash Reports 2015-05-13 20:02 - 2015-05-13 20:02 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe 2015-05-13 20:02 - 2015-05-13 20:02 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-12 13:01 - 2014-10-27 15:20 - 01688973 _____ C:\WINDOWS\WindowsUpdate.log 2015-06-12 13:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-06-12 12:53 - 2014-04-09 21:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-06-12 12:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-06-12 12:39 - 2014-04-09 20:03 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2461873215-4186745203-1289361242-1001 2015-06-12 12:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-06-12 11:43 - 2014-11-19 23:49 - 00000000 ___RD C:\Users\optik\OneDrive 2015-06-11 21:02 - 2014-06-12 13:29 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-06-11 21:01 - 2014-09-24 08:17 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-11 21:01 - 2014-09-24 07:43 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2015-06-11 21:01 - 2014-09-24 07:43 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2015-06-11 15:37 - 2014-10-27 15:21 - 00000000 ____D C:\ProgramData\NVIDIA 2015-06-11 15:37 - 2013-08-22 16:46 - 00301452 _____ C:\WINDOWS\setupact.log 2015-06-11 15:37 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-06-11 15:37 - 2013-08-22 16:44 - 00351464 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-11 14:00 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-06-11 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-06-11 14:00 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-06-11 12:23 - 2014-04-10 12:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-11 12:23 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-11 12:21 - 2014-04-10 12:06 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-11 12:03 - 2014-11-04 22:52 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{09DED0F7-12EB-4DA8-8F2B-74E93CB86259} 2015-06-10 13:14 - 2014-10-18 16:28 - 00000000 ____D C:\Users\optik\Documents\PCSX2 2015-06-10 13:13 - 2014-10-18 15:26 - 00000000 ___HD C:\WINDOWS\msdownld.tmp 2015-06-10 13:12 - 2014-10-18 15:25 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.0.0 2015-06-10 12:28 - 2014-12-06 19:26 - 00000000 ____D C:\Users\optik\AppData\Roaming\vlc 2015-06-09 21:53 - 2014-12-29 20:56 - 00000000 ____D C:\Users\optik\AppData\Local\JDownloader v2.0 2015-06-09 21:46 - 2014-10-18 16:04 - 00000000 ____D C:\Users\optik\AppData\Local\QuickPar 2015-06-09 20:20 - 2014-09-23 23:06 - 00121320 _____ C:\WINDOWS\PFRO.log 2015-06-09 20:20 - 2014-04-29 08:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-06-09 20:18 - 2014-12-13 22:55 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-06-09 20:18 - 2014-09-24 09:43 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-06-07 00:21 - 2014-04-09 21:03 - 00000000 ____D C:\ProgramData\Origin 2015-06-06 23:27 - 2014-04-09 20:47 - 00000000 ____D C:\Program Files (x86)\Steam 2015-06-05 14:41 - 2015-05-01 19:31 - 00000000 ____D C:\Users\optik\Desktop\ergün raptexte 2015-06-04 01:44 - 2015-05-01 19:30 - 00000000 ____D C:\Users\optik\Desktop\engin raptexte 2015-06-03 18:18 - 2014-09-24 09:46 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-03 18:18 - 2014-09-24 09:46 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-28 14:14 - 2015-02-20 23:35 - 00000000 ____D C:\Users\optik\Desktop\Neuer Ordner (2) 2015-05-21 22:32 - 2014-08-10 21:13 - 00000000 ____D C:\Users\optik\Desktop\Musik 2015-05-21 13:18 - 2014-04-09 21:25 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-05-20 21:38 - 2015-04-04 18:55 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-05-20 21:38 - 2015-04-04 18:55 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-05-19 13:24 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-17 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\tracing 2015-05-17 18:32 - 2014-04-09 20:25 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-05-16 12:32 - 2014-12-06 19:25 - 00001088 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-05-13 20:02 - 2014-06-12 13:29 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-05-13 20:02 - 2014-06-12 13:29 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-05-13 20:02 - 2014-06-12 13:29 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-05-13 20:02 - 2014-06-12 13:29 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-05-13 20:02 - 2014-06-12 13:29 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-05-13 20:02 - 2014-06-12 13:29 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-05-13 20:02 - 2014-06-12 13:29 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-05-13 20:02 - 2014-06-12 13:29 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys ==================== Files in the root of some directories ======= 2012-03-11 02:46 - 2012-03-11 02:46 - 0101888 _____ (W. Rolke) C:\Program Files (x86)\GpuTmp64.exe 2010-11-11 16:34 - 2014-12-10 16:29 - 0201728 _____ (Freebyte.com) C:\Program Files (x86)\hjsplit.exe 2007-04-27 11:06 - 2014-10-27 01:23 - 0148416 _____ (Macrovision Corporation) C:\Program Files (x86)\_setup.dll 2015-05-17 18:39 - 2015-05-17 18:39 - 0000122 _____ () C:\Users\optik\AppData\Roaming\profiles.ini 2015-03-27 14:22 - 2015-04-08 20:27 - 0877747 ____N () C:\Users\optik\AppData\Local\Tempmusic.ogg 2014-04-09 19:57 - 2014-04-09 19:57 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Files to move or delete: ==================== C:\Users\optik\setup.exe Some files in TEMP: ==================== C:\Users\optik\AppData\Local\Temp\AVGTBInstall.exe C:\Users\optik\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\optik\AppData\Local\Temp\oi_{25F1DD8D-3F51-4AA2-B94E-01570A259D3B}.exe C:\Users\optik\AppData\Local\Temp\proxy_vole4574361543820981231.dll C:\Users\optik\AppData\Local\Temp\SpOrder.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-11 22:11 ==================== End of log ============================
--- --- ---
[/CODE]
__________________

Geändert von ertanal (12.06.2015 um 12:38 Uhr)

Alt 12.06.2015, 12:39   #4
ertanal
 
Pishing Mail ? - Standard

Pishing Mail ?



[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by optik at 2015-06-12 13:32:02
Running from C:\Users\optik\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2461873215-4186745203-1289361242-500 - Administrator - Disabled)
Gast (S-1-5-21-2461873215-4186745203-1289361242-501 - Limited - Disabled)
optik (S-1-5-21-2461873215-4186745203-1289361242-1001 - Administrator - Enabled) => C:\Users\optik
UpdatusUser (S-1-5-21-2461873215-4186745203-1289361242-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{180B50DF-B2C8-43A1-AB97-2101AA62DDD3}) (Version: 12.0.0 - Helmut Buhler)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DreadOut Demo (HKLM-x32\...\Steam App 299130) (Version:  - Digital Happiness)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 13 Demo (HKLM-x32\...\{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 Demo (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
Free MP4 Video Converter version 5.0.37.327 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.37.327 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
GpuTemp (HKLM\...\{0FFA85AB-D704-48A6-A009-25A0559152C3}) (Version: 2.1 - WR-Tools)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Skullgirls (HKLM-x32\...\Steam App 245170) (Version:  - Lab Zero Games)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Terrordrome_Final (HKLM-x32\...\{1EE65D14-6927-405F-A640-43ECBC9AB85C}) (Version: 2.9.5 - HuracanStudio)
Terrordrome_Final V2.9.5 (HKLM-x32\...\Terrordrome_Final V2.9.5) (Version: V2.9.5 - HuracanStudio)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
Unity Web Player (HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\optik\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\optik\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2461873215-4186745203-1289361242-1001_Classes\CLSID\{9CF1512B-6019-4573-9466-57AA61960209}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points =========================

20-05-2015 13:06:39 Geplanter Prüfpunkt
31-05-2015 13:01:37 Geplanter Prüfpunkt
06-06-2015 14:16:14 Windows Update
09-06-2015 00:13:50 Installed Project64 1.6

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06B26CBD-75FC-4814-98CB-6337BE595DB5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {14622FD5-343E-43E2-AA67-CAA028E8E313} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21] (Adobe Systems Incorporated)
Task: {4DF1BE17-5553-4393-9D8E-C8F52906C260} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {5E25D2EF-EC7A-48CB-89EF-50FE6C724C02} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6A99E002-2095-4572-8F7D-0E9D1C8581A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {8435C395-5D8F-49F4-A3F4-4BC9A83B33E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {8586DDAE-77F0-4FE2-9790-8389CCB53926} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {9637C51F-F76B-4FC1-B908-2613AA3B89B3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {9C207940-0D1F-40E8-AE96-65490CA4E91C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {B5D22752-A7C4-4B63-9FF9-D6560E5F5C1F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-13] (Avast Software s.r.o.)
Task: {EB6297F0-74C2-43CF-AD71-3031D0F0FF0F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EF42B16B-BD18-4A65-9BAE-5947BC9A4ADF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F29078D9-C8A1-4E6C-8747-40828071D39D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F92C8E55-E6DB-4E41-BD9C-EEAE1810FCB2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2012-08-29 12:02 - 2012-08-29 12:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-10-27 15:21 - 2014-10-30 04:10 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-27 16:11 - 2014-10-27 16:11 - 00120224 _____ () C:\Users\optik\AppData\Local\assembly\dl3\4K796MHC.KKM\9BQW35LW.Q7P\98a9c14b\0017145d_cd85cd01\HPItunesModule.DLL
2015-05-13 20:02 - 2015-05-13 20:02 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-13 20:02 - 2015-05-13 20:02 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-11 12:16 - 2015-06-11 12:16 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061100\algo.dll
2015-06-12 12:19 - 2015-06-12 12:19 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061200\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-26 19:05 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-11-26 19:10 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-03-17 12:13 - 2015-03-17 12:13 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\optik\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2461873215-4186745203-1289361242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\optik\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 62.109.121.2 - 62.109.121.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{1290F6E6-8A57-4451-BCC6-24FFC78A06AA}C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe] => (Block) C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe
FirewallRules: [TCP Query User{EA2FE541-DC25-4B04-A2EE-18A47391A251}C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe] => (Block) C:\users\optik\desktop\pyload-v0.4.9-win\pyload\dist\pyloadcore.exe
FirewallRules: [UDP Query User{DCC6B67A-69E0-447A-AF40-059D9DC9F1DB}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{4AA3DA39-96E4-47D0-ACC5-CCB39770F83C}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{22C48B7E-FC1D-4CBD-8655-843BEF3FE8CE}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [TCP Query User{29D859C4-9CEC-4EF4-9C1C-445AA912950F}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [{E0C52C12-0B7D-4D13-8B4B-5D95F6D1D7AA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{23C45605-B5E2-47BE-9749-9040E171EBBA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{B00B1C5A-DDEB-4DEC-BB60-A04BF87F1B72}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{21686015-0057-491B-A66F-5E0553F736AC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B1F110D5-EED6-4CBD-A7AE-7EBC83A89AE4}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe
FirewallRules: [{6FC06191-EDF1-4216-9A4E-6FDD7B78FBFC}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe
FirewallRules: [{366B2DE1-2C4C-4BE5-8A1F-1E849BA5E851}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe
FirewallRules: [{61253F81-CD4E-4C5A-AD87-50EC7E6F5B9E}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe
FirewallRules: [{17A17685-47A0-44A1-A380-7DAD7EF24B88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{60A61EFA-3CD6-40A5-9884-D4D71E5352E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{0F639903-8662-4DA9-A009-1988624EBE1A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5DBEEF1B-0E0E-4F73-8C82-ED9DFF228538}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{A50DB810-DADB-406B-87FD-77C9EB03D6EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{C551166D-F754-4F4F-93DA-E861C2316BAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darkness II\DarknessII.exe
FirewallRules: [{04A8AD80-1190-4C5B-A31A-2976739D2A6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darkness II\DarknessII.exe
FirewallRules: [{50414D68-36B5-43AC-AFA9-5FDBACCE44FD}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13 Demo\Game\fifa13_demo.exe
FirewallRules: [{513E52D3-344D-4D06-BB3B-F5FCB898E342}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13 Demo\Game\fifa13_demo.exe
FirewallRules: [{F23E50E8-86F1-4BF6-BE53-FA6261FF969B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{06190683-94A7-462C-BF33-D8DE9DC73EF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{B8C67915-FB09-461D-8B0F-15100BFE3F89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FB048A7-2D57-4DEC-BEF4-2DE7CE153CF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{19AC9963-0DC4-4BEB-89CC-6FB224855B5B}] => (Allow) LPort=1900
FirewallRules: [{983C26A4-90CE-410F-A263-AF7EABCB1DDF}] => (Allow) LPort=2869
FirewallRules: [{08BAF4BB-DCF6-40DB-9D02-087D68AFD9AD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7BD47BC4-620E-4102-BDFE-DAA8CC2A555C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E664925A-B83A-4530-AF72-7D1F0C0C86FD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1BDCB2FA-2DFC-423E-8A32-CD261B1B764D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CB30C67-CFB7-41A5-899D-4EC999721796}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{63876693-1A38-4BEC-B05A-76820122B8D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB555E2E-D8A0-45AE-80D8-D9ACA41253DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{1E1D9492-6244-4E47-AD58-427636C1C737}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{FB64C4F3-7FAF-4A54-BCF1-97B1449BA50C}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [TCP Query User{CF791C29-ABDE-49EE-8553-A641960F5725}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{B2D8C3C5-41BF-472E-895E-6325AF6172A9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{4974F657-632B-4F17-8A30-71778DA2F2E0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{6542C786-4B80-4CBA-A5D4-1EAFC15B26E1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{444F1D2F-FBA1-4D3B-AD76-198DD0275822}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{8DF48FCA-561F-4A04-997E-272C9FA7BFAD}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{FFE1247B-468B-4247-A102-7D40160DA777}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C739E9C-9BED-468A-A397-73B5B40D9067}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0CFD6A1A-6EA0-4B8E-9F0C-D376CE31378F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14 Demo\Game\fifa14_demo.exe
FirewallRules: [{9A55A05A-E229-4A83-AF7C-D6FC783C3A08}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14 Demo\Game\fifa14_demo.exe
FirewallRules: [{BDBEE78E-663C-4A32-989D-5737CB5D9FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DreadOut Demo\DreadOutDemo.exe
FirewallRules: [{EEBA271A-601C-46CB-B4FA-9F786666DAF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DreadOut Demo\DreadOutDemo.exe
FirewallRules: [{52C3CB11-4EFF-4109-B303-3AC95DDB4831}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{B4863902-1E2A-4702-B24F-1A637AE58BAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{B85DF138-37D2-442B-A5FF-6F8E2A479346}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{38A5CF0A-38C0-49EA-9E13-B65F17FF964F}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{91223428-1506-4680-B804-8DBBFA875CAF}] => (Allow) C:\Users\optik\Desktop\firefox.exe
FirewallRules: [{A9DDB4AB-32D0-45E3-9D90-47B29DC1F0A8}] => (Allow) C:\Users\optik\Desktop\firefox.exe
FirewallRules: [{6140C8D5-9317-4EF0-AF1D-93CA91E1FE78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{209D3E66-8194-439D-ABF3-05A5C68727A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [TCP Query User{36457055-BC5F-43FD-B562-2CF06564AC71}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{100CAA9B-2EAB-4E0B-938E-14F1DA41E817}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{B508014B-D7AF-42BD-855D-08A251149A98}] => (Allow) LPort=53000
FirewallRules: [{EA866997-09E6-455C-855B-40C0243A28B3}] => (Allow) LPort=52000

==================== Faulty Device Manager Devices =============

Name: Apple iPhone
Description: Apple iPhone
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Apple Inc.
Service: WUDFWpdMtp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2015 10:36:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x198c
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 10:36:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x1738
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 10:35:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0xec
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 09:01:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm pcsx2-r4600.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1abc

Startzeit: 01d0a3ae2d66aba0

Endzeit: 4294967295

Anwendungspfad: C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe

Berichts-ID: 1461de32-0fa3-11e5-bea1-b4b52fc7a0fe

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/10/2015 08:49:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x14b8
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 02:52:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x1474
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 02:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x158c
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 02:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 01:23:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0xd70
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5

Error: (06/10/2015 01:19:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Name des fehlerhaften Moduls: pcsx2-r4600.exe, Version: 0.0.0.0, Zeitstempel: 0x4db89265
Ausnahmecode: 0xc0000005
Fehleroffset: 0x014c9016
ID des fehlerhaften Prozesses: 0x14b4
Startzeit der fehlerhaften Anwendung: 0xpcsx2-r4600.exe0
Pfad der fehlerhaften Anwendung: pcsx2-r4600.exe1
Pfad des fehlerhaften Moduls: pcsx2-r4600.exe2
Berichtskennung: pcsx2-r4600.exe3
Vollständiger Name des fehlerhaften Pakets: pcsx2-r4600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcsx2-r4600.exe5


System errors:
=============
Error: (06/12/2015 11:43:26 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:41:37 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:39:27 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:39:23 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/11/2015 03:37:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/10/2015 01:24:11 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/09/2015 08:23:18 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/09/2015 08:23:09 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (06/09/2015 08:20:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/05/2015 03:05:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office:
=========================
Error: (06/10/2015 10:36:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016198c01d0a3bd1d54f39bC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe664c929f-0fb0-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 10:36:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016173801d0a3bd0c7887e8C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe57a9ed3a-0fb0-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 10:35:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016ec01d0a3bd01b7032fC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe45efdb19-0fb0-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 09:01:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: pcsx2-r4600.exe0.0.0.01abc01d0a3ae2d66aba04294967295C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe1461de32-0fa3-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 08:49:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c901614b801d0a3ae1afc4ee9C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe60c1331a-0fa1-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 02:52:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016147401d0a37c1abd642aC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe8b2a3147-0f6f-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 02:50:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016158c01d0a37be532cfa8C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe44bb1548-0f6f-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 02:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016e1401d0a37b529ac60aC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe9a9be619-0f6e-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 01:23:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c9016d7001d0a36fd5019792C:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe2386df52-0f63-11e5-bea1-b4b52fc7a0fe

Error: (06/10/2015 01:19:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcsx2-r4600.exe0.0.0.04db89265pcsx2-r4600.exe0.0.0.04db89265c0000005014c901614b401d0a36ea43523adC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exeC:\Users\optik\Desktop\PCSX2 0.9.8\pcsx2-r4600.exe9e98f13a-0f62-11e5-bea1-b4b52fc7a0fe


CodeIntegrity Errors:
===================================
  Date: 2015-05-13 22:14:11.429
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:11.085
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:10.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:10.585
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:10.178
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:09.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 22:14:06.116
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 8147.35 MB
Available physical RAM: 6099.3 MB
Total Pagefile: 8547.35 MB
Available Pagefile: 6033.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1849.89 GB) (Free:1614.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 59A27AD7)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---

Alt 13.06.2015, 08:15   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Pishing Mail ? - Standard

Pishing Mail ?



Sieht gut aus, wurde rechtzeitig geblockt

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.06.2015, 09:44   #6
ertanal
 
Pishing Mail ? - Standard

Pishing Mail ?



@Schrauber

Und war es eine Pishing Mail?
Kann ich die Mail sorgenlos ignorieren?

Danke im voraus

Alt 14.06.2015, 06:05   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Pishing Mail ? - Standard

Pishing Mail ?



Ja kannst Du
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Pishing Mail ?
bekannte, confused, deutsche, deutschen, durchführen, erforderlich, html, infektion, innerhalb, inter, interne, internet, klicke, klicken, mail, ordner, pishing, sofort, spam, stehe, tagen, unbekannte, unbekannten



Ähnliche Themen: Pishing Mail ?


  1. Ebay - Pishing
    Diskussionsforum - 17.05.2015 (1)
  2. pishing mail von Vodafone erhalten und geöffnet
    Log-Analyse und Auswertung - 20.11.2014 (1)
  3. zip-Anhang in Pishing-Mail geöffnet - Trojaner oder Virus auf meinem Laptop?
    Plagegeister aller Art und deren Bekämpfung - 05.09.2014 (5)
  4. Pishing Mail zur Mastercard Verifizierung - Link angeklickt - Imac, System 10.6.8
    Plagegeister aller Art und deren Bekämpfung - 24.07.2014 (3)
  5. Telekom Pishing mail auf MAC-Book geöffnet
    Plagegeister aller Art und deren Bekämpfung - 12.06.2014 (3)
  6. Pishing mail postbank-online banking Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 13.05.2014 (17)
  7. Pishing mail postbank-online banking Anhang geöffnet
    Lob, Kritik und Wünsche - 12.05.2014 (0)
  8. Anhang einer Pishing Mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 29.04.2014 (1)
  9. Amazon Pishing-Mail
    Plagegeister aller Art und deren Bekämpfung - 04.04.2014 (2)
  10. Link in Pishing Mail angeklickt
    Plagegeister aller Art und deren Bekämpfung - 16.03.2014 (7)
  11. Logs nach Pishing Mail
    Log-Analyse und Auswertung - 25.01.2014 (9)
  12. Pishing Mail Diba, Link geöffnet und ausgefüllt - aber nicht abgeschickt
    Plagegeister aller Art und deren Bekämpfung - 02.11.2013 (1)
  13. Paypal Pishing
    Plagegeister aller Art und deren Bekämpfung - 21.02.2013 (14)
  14. tr/atraps.gen und gen2 und die Nachwehen (Pishing Mail)
    Plagegeister aller Art und deren Bekämpfung - 06.10.2012 (4)
  15. Sehr merkwürdige Pishing-Mail - System gehackt ?
    Plagegeister aller Art und deren Bekämpfung - 20.04.2011 (0)
  16. Bank Pishing
    Log-Analyse und Auswertung - 24.06.2008 (18)
  17. PAYPAL Pishing
    Log-Analyse und Auswertung - 03.03.2008 (15)

Zum Thema Pishing Mail ? - Hallo TB-Bewohner, ich habe in meinem "Unbekannten Ordner" eine Mail stehen von der Deutschen Bank. So lautet die überschrift: "sicheres-bezahlen im Internet - Bestätigung erforderlich!" ich soll auf Bestätigung durchführen - Pishing Mail ?...
Archiv
Du betrachtest: Pishing Mail ? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.