| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Ungültiges Bild (error) VC32LOWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.04.2015, 16:07
| #1 |
| |  Windows 7: Ungültiges Bild (error) VC32LO Hallo, Ich Marcel M. (23) habe folgendes Problem: Als ich Heute meinen Laptop (Asus G74S) gestartet habe, kam ein Errorfenster mit dem Namen "(als erstes ein name wie z.B steam.exe) - Ungültiges Bild" und im Fenster steht immer "C:\Progra~2\Search~1\Search~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält einen Fehler. Installieren Sie das Programm mit den Originalinstallationsmedien erneut, oder wenden Sie sich an den Systemadministrator oder Softwarelieferanten, Um Unterstützung zu erhalten." Dieses Fenster kommt sehr häufig beim starten von Windows und dann temporär, wenn Ich irgendwelche Programme oder ähnliches öffne. Mein System: Windows 7 Home Premium Systemtyp: 64 Bit-Betriebssystem Arbeitsspeicher: 8GB Prozessor: Inte(R) Core(TM) i7-2670QM CPU @ 2.20GHz Ich habe noch garnichts unternommen, habe nur mit 'FRST 64Bit' ein Scan durchgeführt -> FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by Marci (administrator) on ASUSG74 on 14-04-2015 16:45:18
Running from C:\Users\Marci\Desktop
Loaded Profiles: Marci & (Available profiles: Marci)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files\Asus\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
() C:\ExpressGateUtil\VAWinService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Spotify Ltd) C:\Users\Marci\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Marci\AppData\Roaming\Spotify\Spotify.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Marci\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUS) C:\Windows\AsScrPro.exe
() C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Visicom Media Inc. (Powered by Panda Security)) C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Tarantula\razerhid.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Spotify Ltd) C:\Users\Marci\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Marci\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
() C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Razer\Tarantula\razertra.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [100112 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2011-12-20] (ASUS)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909312 2011-03-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe [84464 2011-04-01] ()
HKLM-x32\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-04-08] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [DeathAdder] => C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [248832 2012-01-14] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Anti-phishing Domain Advisor] => C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [232616 2012-01-17] (Visicom Media Inc. (Powered by Panda Security))
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564880 2012-05-29] (Ask)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [48128 2012-07-19] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [Tarantula] => C:\Program Files (x86)\Razer\Tarantula\razerhid.exe [159744 2007-05-07] (Razer USA Ltd.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] ()
HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2013-11-12] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Run: [Spotify Web Helper] => C:\Users\Marci\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-18] (Spotify Ltd)
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Run: [PriceMeterW] => "C:\Users\Marci\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Run: [Spotify] => C:\Users\Marci\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-18] (Spotify Ltd)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [263952 2015-04-12] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [223504 2015-04-12] ()
Startup: C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://blekko.com/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb&u=20120408217B472BB7BAB314064B3F6E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000 -> {F9A7C24B-42F9-4910-AF51-F43B0FC69209} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=ffaae8c0-1033-45c1-9098-6dfae1dc7a99&apn_sauid=D7A574B5-E1D3-4C95-AD1B-C8790D48DEA0
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-05-29] (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-22] (Oracle Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-05-29] (Ask)
Toolbar: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=MF4EF329C-1A7D-4430-935B-4B54A32A05A3&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPE57B27DA-DF99-47DB-9243-3EB2C46653C2
FF SelectedSearchEngine: Trovi
FF Homepage: https://www.youtube.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-1586699263-1730969920-3125584917-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-25] ()
FF user.js: detected! => C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\user.js [2014-07-19]
FF Extension: Avira Browser Safety - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\Extensions\abs@avira.com [2015-03-31]
FF Extension: Battlefield Heroes Updater - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\Extensions\battlefieldheroespatcher@ea.com [2012-10-01]
FF Extension: FireJump - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\Extensions\firejump@firejump.net [2013-01-19]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\Extensions\toolbar@ask.com [2012-06-19]
FF Extension: Preispilot - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\Extensions\extension@preispilot.com.xpi [2013-01-20]
FF Extension: MEGA - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\Extensions\firefox@mega.co.nz.xpi [2014-12-20]
FF Extension: Adblock Plus - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-10]
FF HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\extensions\extension@preispilot.com
FF HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\0lxcl8t7.default\extensions\firejump@firejump.net
FF HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AsusUacSvc; C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [113840 2010-07-27] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [817536 2015-01-27] ()
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3251472 2015-04-12] (Client Connect LTD)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2013-11-12] (Portrait Displays, Inc.)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-25] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-18] ()
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2011-01-28] (PostgreSQL Global Development Group) [File not signed]
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-26] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2012-01-24] (Turtle Entertainment GmbH)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2013-12-22] (<Turtle Entertainment>)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [76584 2012-07-19] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
R3 TarFltr; C:\Windows\System32\drivers\UsbFltr.sys [49664 2007-04-11] (Razer USA Ltd.)
S3 massfilter; system32\drivers\massfilter.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 16:45 - 2015-04-14 16:45 - 00032311 _____ () C:\Users\Marci\Desktop\FRST.txt
2015-04-14 16:44 - 2015-04-14 16:45 - 00000000 ____D () C:\FRST
2015-04-14 16:42 - 2015-04-14 16:42 - 02096640 _____ (Farbar) C:\Users\Marci\Desktop\FRST64.exe
2015-04-14 15:31 - 2015-04-14 15:31 - 00003458 _____ () C:\Windows\System32\Tasks\avaavaevy
2015-04-14 15:31 - 2015-04-14 15:31 - 00000000 ____D () C:\Users\Marci\AppData\Local\avaavaevy
2015-04-05 11:31 - 2015-04-05 11:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-26 16:08 - 2015-04-09 19:47 - 00000000 ____D () C:\Users\Marci\AppData\Local\Arma 3 Launcher
2015-03-26 16:08 - 2015-03-26 16:08 - 00000000 ____D () C:\Users\Marci\AppData\Local\Bohemia_Interactive
2015-03-25 17:10 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 17:10 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 17:10 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 17:10 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 17:10 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 17:10 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 17:10 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 17:10 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 16:45 - 2013-03-23 15:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-14 16:44 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 16:44 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 16:39 - 2014-01-30 19:04 - 00000000 ____D () C:\Users\Marci\AppData\Local\Spotify
2015-04-14 16:38 - 2011-02-19 06:24 - 00711530 _____ () C:\Windows\system32\perfh007.dat
2015-04-14 16:38 - 2011-02-19 06:24 - 00153720 _____ () C:\Windows\system32\perfc007.dat
2015-04-14 16:38 - 2009-07-14 07:13 - 01652988 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 16:36 - 2014-03-18 21:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-14 16:36 - 2014-01-30 19:02 - 00000000 ____D () C:\Users\Marci\AppData\Roaming\Spotify
2015-04-14 16:36 - 2013-12-08 13:33 - 00000000 ____D () C:\Users\Marci\AppData\Local\CrashDumps
2015-04-14 16:36 - 2013-10-31 18:41 - 00000380 _____ () C:\Users\Marci\AppData\Roaming\sp_data.sys
2015-04-14 16:36 - 2012-09-23 23:01 - 00000000 ___RD () C:\Users\Marci\Dropbox
2015-04-14 16:36 - 2012-09-23 22:59 - 00000000 ____D () C:\Users\Marci\AppData\Roaming\Dropbox
2015-04-14 16:35 - 2011-12-20 01:03 - 02006778 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 16:31 - 2014-07-19 14:05 - 00000960 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2015-04-14 16:31 - 2012-03-01 23:02 - 00000000 ____D () C:\Users\Marci\AppData\Roaming\TS3Client
2015-04-14 16:31 - 2011-10-19 05:20 - 00630610 _____ () C:\Windows\PFRO.log
2015-04-14 16:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 16:31 - 2009-07-14 06:51 - 00351070 _____ () C:\Windows\setupact.log
2015-04-14 16:10 - 2014-07-19 14:05 - 00000964 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2015-04-14 15:31 - 2015-01-27 23:57 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2015-04-14 15:28 - 2014-03-24 18:52 - 00000000 ____D () C:\Users\Marci\AppData\Local\Arma 3
2015-04-12 12:57 - 2012-09-23 22:59 - 00000000 ____D () C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-08 15:36 - 2012-05-08 16:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 15:45 - 2013-08-16 11:08 - 00000000 ____D () C:\Users\Marci\AppData\Roaming\Avira
2015-03-26 16:06 - 2014-12-11 15:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 16:06 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-25 17:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-18 21:50 - 2014-01-30 19:04 - 00001808 _____ () C:\Users\Marci\Desktop\Spotify.lnk
2015-03-18 21:50 - 2014-01-30 19:04 - 00001794 _____ () C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
==================== Files in the root of some directories =======
2012-03-04 16:37 - 2012-01-24 14:50 - 0168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe
2014-05-11 20:52 - 2014-05-11 20:52 - 0000282 _____ () C:\Users\Marci\AppData\Roaming\BreakingPoint_Login.ini
2014-05-10 23:03 - 2014-05-11 20:54 - 0001301 _____ () C:\Users\Marci\AppData\Roaming\BreakingPoint_Options.ini
2013-10-31 18:41 - 2015-04-14 16:36 - 0000380 _____ () C:\Users\Marci\AppData\Roaming\sp_data.sys
2014-02-26 18:41 - 2014-11-19 18:37 - 0007623 _____ () C:\Users\Marci\AppData\Local\Resmon.ResmonCfg
2011-10-19 06:26 - 2010-10-06 18:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2011-12-20 01:18 - 2011-12-20 01:18 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-12-20 01:17 - 2011-12-20 01:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-12-20 01:17 - 2011-12-20 01:17 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some content of TEMP:
====================
C:\Users\Marci\AppData\Local\Temp\avgnt.exe
C:\Users\Marci\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaedohy.dll
C:\Users\Marci\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Marci\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Marci\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Marci\AppData\Local\Temp\Gw2.exe
C:\Users\Marci\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Marci\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marci\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marci\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Marci\AppData\Local\Temp\nvStInst.exe
C:\Users\Marci\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Marci\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Marci\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Marci\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Marci\AppData\Local\Temp\sfareca00001.dll
C:\Users\Marci\AppData\Local\Temp\sfextra.dll
C:\Users\Marci\AppData\Local\Temp\sonarinst.exe
C:\Users\Marci\AppData\Local\Temp\utt840F.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 07:47
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by Marci at 2015-04-14 16:45:47
Running from C:\Users\Marci\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\uTorrent) (Version: 3.4.2.38397 - BitTorrent Inc.)
A3Launcher version 0.0.0.9 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1) (Version: 0.0.0.9 - Maca134)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Anti-phishing Domain Advisor (HKLM-x32\...\Anti-phishing Domain Advisor) (Version: 1.0.0.0 - Visicom Media Inc. (Powered by Panda Security))
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version: - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION
Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.23 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.8 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_G74 Series_ENG (HKLM-x32\...\AsusScr_G74 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23268 - Ask.com) <==== ATTENTION
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
DayZLauncher version 0.0.0.7 (HKLM-x32\...\{E31045B4-9DB5-44DF-9EBD-BD4CFDE640FD}_is1) (Version: 0.0.0.7 - Maca134)
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version: - Oberon Media)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.11.002 - Portrait Displays, Inc.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
ExpressGateCloud (HKLM-x32\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.6.27.160 - VideACE Co.)
ExpressGateCloud (x32 Version: 2.6.27.160 - VideACE Co.) Hidden
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version: - Oberon Media)
FireJump (HKLM-x32\...\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1) (Version: 1.0.2.5 - FireJump.net)
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Fresco Logic USB3.0 Host Controller (HKLM\...\{FFF6BB59-380A-4338-AEFB-226F511C0713}) (Version: 3.5.73.0 - Fresco Logic Inc.)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
GameFast.exe (HKLM\...\GameFast_is1) (Version: 1.0.0.1 - ASUSTEK Computer Inc)
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version: - Oberon Media)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version: - Oberon Media)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Medal of Honor™ Warfighter (HKLM-x32\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.2.0.0 - Electronic Arts)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version: - Oberon Media)
PokerClue (HKLM-x32\...\{4C48700A-1A06-4DB1-A5E5-B25520C1ED54}) (Version: 1.00.0000 - Koreleone | Software)
PokerRoom Home Game Organizer (HKLM-x32\...\PokerRoom Home Game Organizer) (Version: - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Pokerstartkapital BlindTimer v3.1 (HKLM-x32\...\Pokerstartkapital.info BlindTimer_is1) (Version: - Pokerstartkapital)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Preispilot für Firefox (HKLM-x32\...\{0D8E6567-7082-48DB-A305-293873AC8B39}_is1) (Version: 2.0 - Preispilot)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Razer DeathAdder(TM) Mouse (HKLM-x32\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.05 - Razer Inc.)
Razer Tarantula (HKLM-x32\...\{655B9514-3963-490B-9EE1-431E80444889}) (Version: 5.01 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Rotation Desktop for G Series.exe (HKLM\...\Rotation Desktop for G Series_is1) (Version: 1.0.0.9 - ASUSTEK Computer Inc)
Roxio CinePlayer (HKLM-x32\...\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}) (Version: 5.8.58232.1 - Roxio)
SDK (x32 Version: 2.40.007 - Portrait Displays, Inc.) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.22.26.1 - Client Connect LTD) <==== ATTENTION
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
THX TruStudio (HKLM-x32\...\{B11AB9C8-18A6-41DC-98B4-4988CC030136}) (Version: 1.03.01 - Creative Technology Limited)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
Titanfall™-Beta (HKLM-x32\...\{E933BD1A-9B05-42A3-A1CF-3DA81C72E454}) (Version: 1.0.0.0 - Electronic Arts)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version: - Oberon Media)
WS Launcher (HKLM-x32\...\{575E5E77-2C8E-405F-AB8E-9A7418B704CF}) (Version: 0.0.0.9 - Launcher)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1586699263-1730969920-3125584917-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marci\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
14-04-2015 15:30:23 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {035A019C-E04E-4CE5-9CBB-F1FC495CE4C9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {24EF5DBE-AFC1-487A-8E23-4E4BD7CB5161} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-01-31] (ASUSTek Computer Inc.)
Task: {3D4FE3BF-6273-415B-A8D9-827D08B59E29} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-05-29] () <==== ATTENTION
Task: {3F29B975-CB79-4C9C-A018-C4B530A6D5B2} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {47641524-8A52-40C7-9903-F196D907D01F} - System32\Tasks\{1561C887-2692-4C88-91FD-660A9E6C6495} => pcalua.exe -a "C:\Program Files (x86)\Origin\EAProxyInstaller.exe" -d "C:\Program Files (x86)\Origin"
Task: {4A93DE3E-8F60-49FF-915B-8B98A4728A53} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {632A08B8-3C81-416E-9F27-410A74A8AAAE} - System32\Tasks\ASUS Patch 10430001 => C:\Windows\AsPatch10430001.exe [2010-07-29] ()
Task: {6A2F713D-141A-49E4-87F7-DC992D620CC8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {6B3AD26E-6C79-43A9-AF85-D2F6F4255777} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {99F6E8DB-5876-4331-8E2B-69BF6244E306} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {A3AA2048-F375-4231-9AED-563AE227C246} - System32\Tasks\avaavaevy => C:\Users\Marci\AppData\Local\avaavaevy\avaavaevy.exe [2015-04-12] () <==== ATTENTION
Task: {A3DF5189-9B54-4436-B589-97226A2760B2} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)
Task: {C0BC8FBA-3DEB-4925-AC70-DAB73707D8B6} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.)
Task: {C2EC060E-1E6B-4807-BB4D-3C7D7DD769AE} - System32\Tasks\{7B90BDFD-FF6A-4E49-8237-7CC12D13C132} => pcalua.exe -a "C:\Program Files (x86)\Origin\EAProxyInstaller.exe" -d "C:\Program Files (x86)\Origin"
Task: {D7943F34-11D9-4B01-A094-A965E93319CA} - System32\Tasks\pricemeterdownloader => C:\Users\Marci\AppData\Local\PriceMeter\pricemeterd.exe <==== ATTENTION
Task: {D882862F-6011-443E-97A8-F4B6451D17B0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-01-04] (ASUS)
Task: {DAC59F23-66F5-441A-AF61-46D6C9344C78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {E7592D61-4BCC-44C2-8FB8-EE2735EF31FB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EF5383D8-68B2-45BF-AEE9-5EA7D99D8B84} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {F2E8DECD-5F53-444F-A781-F01557BE4B0B} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {F79E7FCD-ABB1-4200-A5C3-FEBAD28F056C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-01-30] (ASUSTek Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) ==============
2013-10-31 18:39 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-12-20 01:13 - 2010-07-27 20:40 - 00113840 _____ () C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
2013-12-22 16:08 - 2013-06-11 11:52 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2013-12-22 16:08 - 2013-07-09 13:12 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2014-12-04 22:12 - 2013-11-12 12:44 - 00274960 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-02-20 12:26 - 2014-06-18 22:24 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-03-26 03:55 - 2011-03-26 03:55 - 00091464 _____ () C:\ExpressGateUtil\VAWinService.exe
2011-12-20 01:14 - 2010-06-08 23:23 - 00236544 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2011-04-01 13:23 - 2011-04-01 13:23 - 00084464 _____ () C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
2011-04-08 07:26 - 2011-04-08 07:26 - 00045448 _____ () C:\ExpressGateUtil\VAWinAgent.exe
2012-02-29 21:37 - 2012-01-14 13:56 - 00248832 _____ () C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
2012-02-29 21:37 - 2011-04-14 12:48 - 01758208 _____ () C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
2014-11-23 15:03 - 2007-03-05 19:17 - 00143360 _____ () C:\Program Files (x86)\Razer\Tarantula\razertra.exe
2014-12-04 22:12 - 2013-06-18 13:26 - 00677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2014-12-04 22:12 - 2013-06-18 13:26 - 00714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-27 00:32 - 2011-01-28 07:15 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2013-01-27 00:32 - 2009-02-12 21:01 - 00976384 _____ () c:\postgreSQL\bin\libxml2.dll
2013-01-27 00:32 - 2005-07-20 12:48 - 00059904 _____ () c:\postgreSQL\bin\zlib1.dll
2011-03-26 03:55 - 2011-03-26 03:55 - 00157000 _____ () C:\ExpressGateUtil\libexpat.dll
2011-03-26 03:55 - 2011-03-26 03:55 - 00061768 _____ () C:\ExpressGateUtil\netProfileDatabase.DLL
2014-03-18 21:50 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 08:31 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 08:31 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 08:31 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 16:08 - 2015-04-14 01:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 15:13 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 15:13 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 15:13 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 15:13 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 15:13 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-03-18 21:50 - 2015-04-14 01:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2015-03-12 17:53 - 2015-03-18 21:50 - 40506936 _____ () C:\Users\Marci\AppData\Roaming\Spotify\libcef.dll
2015-04-14 16:36 - 2015-04-14 16:36 - 00043008 _____ () c:\users\marci\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaedohy.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Marci\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Marci\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Marci\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Marci\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2010-08-20 19:57 - 2010-08-20 19:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 19:57 - 2010-08-20 19:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-02-06 19:32 - 2012-02-06 19:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2012-01-31 09:25 - 2012-01-31 09:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-03-18 21:50 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-12 17:53 - 2015-03-18 21:50 - 01365560 _____ () C:\Users\Marci\AppData\Roaming\Spotify\libglesv2.dll
2015-03-12 17:53 - 2015-03-18 21:50 - 00219192 _____ () C:\Users\Marci\AppData\Roaming\Spotify\libegl.dll
2015-03-12 17:53 - 2015-03-18 21:50 - 09305656 _____ () C:\Users\Marci\AppData\Roaming\Spotify\pdf.dll
2015-03-12 17:53 - 2015-03-18 21:50 - 00990776 _____ () C:\Users\Marci\AppData\Roaming\Spotify\ffmpegsumo.dll
2014-12-04 22:12 - 2013-11-12 12:44 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1586699263-1730969920-3125584917-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1586699263-1730969920-3125584917-500 - Administrator - Disabled)
Gast (S-1-5-21-1586699263-1730969920-3125584917-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1586699263-1730969920-3125584917-1002 - Limited - Enabled)
Marci (S-1-5-21-1586699263-1730969920-3125584917-1000 - Administrator - Enabled) => C:\Users\Marci
postgres (S-1-5-21-1586699263-1730969920-3125584917-1006 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Bluetooth Module
Description: Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/14/2015 04:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.27.25537, Zeitstempel: 0x546de872
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1438
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (04/14/2015 04:36:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.get_AppSettings()
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (04/14/2015 04:32:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei NLog.Common.InternalLogger.Debug(System.String, System.Object[])
bei NLog.LogFactory.get_Configuration()
bei NLog.LogFactory.GetLogger(LoggerCacheKey)
bei NLog.LogFactory.GetLogger(System.String)
bei NLog.LogManager.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
bei Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (04/14/2015 04:32:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei NLog.Common.InternalLogger.Debug(System.String, System.Object[])
bei NLog.LogFactory.get_Configuration()
bei NLog.LogFactory.GetLogger(LoggerCacheKey)
bei NLog.LogFactory.GetLogger(System.String)
bei NLog.LogManager.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
bei Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (04/14/2015 04:31:45 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (04/14/2015 04:31:45 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (04/14/2015 04:31:45 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (04/14/2015 04:31:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei NLog.Common.InternalLogger.Debug(System.String, System.Object[])
bei NLog.LogFactory.get_Configuration()
bei NLog.LogFactory.GetLogger(LoggerCacheKey)
bei NLog.LogFactory.GetLogger(System.String)
bei NLog.LogManager.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
bei Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (04/14/2015 04:31:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: ASUSG74)
Description: Sie konnten nicht angemeldet werden, da das lokal gespeicherte Profil nicht geladen werden konnte. Überprüfen Sie, ob eine Netzwerkverbindung besteht und das Netzwerk ordnungsgemäß funktioniert.
Details - Das System kann den angegebenen Pfad nicht finden.
Error: (04/14/2015 04:31:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: ASUSG74)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.
System errors:
=============
Error: (04/14/2015 04:32:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (04/14/2015 04:32:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/14/2015 04:31:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/14/2015 04:31:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/14/2015 04:31:42 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%3
Error: (04/14/2015 03:33:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (04/14/2015 03:33:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/14/2015 03:33:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/14/2015 03:33:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/14/2015 03:33:10 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%3
Microsoft Office Sessions:
=========================
Error: (04/14/2015 04:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.27.25537546de872KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d143801d076bfbb869a3bC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dlla278f679-e2b3-11e4-bd17-5404a64be8ae
Error: (04/14/2015 04:36:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.get_AppSettings()
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (04/14/2015 04:32:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei NLog.Common.InternalLogger.Debug(System.String, System.Object[])
bei NLog.LogFactory.get_Configuration()
bei NLog.LogFactory.GetLogger(LoggerCacheKey)
bei NLog.LogFactory.GetLogger(System.String)
bei NLog.LogManager.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
bei Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (04/14/2015 04:32:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei NLog.Common.InternalLogger.Debug(System.String, System.Object[])
bei NLog.LogFactory.get_Configuration()
bei NLog.LogFactory.GetLogger(LoggerCacheKey)
bei NLog.LogFactory.GetLogger(System.String)
bei NLog.LogManager.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
bei Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (04/14/2015 04:31:45 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (04/14/2015 04:31:45 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (04/14/2015 04:31:45 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (04/14/2015 04:31:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei NLog.Common.InternalLogger.Debug(System.String, System.Object[])
bei NLog.LogFactory.get_Configuration()
bei NLog.LogFactory.GetLogger(LoggerCacheKey)
bei NLog.LogFactory.GetLogger(System.String)
bei NLog.LogManager.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
bei Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
bei Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (04/14/2015 04:31:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: ASUSG74)
Description: Das System kann den angegebenen Pfad nicht finden.
Error: (04/14/2015 04:31:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: ASUSG74)
Description:
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 34%
Total physical RAM: 8169.16 MB
Available physical RAM: 5339.38 MB
Total Pagefile: 16336.52 MB
Available Pagefile: 13052.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:13.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Games) (Fixed) (Total:118.08 GB) (Free:4.32 GB) NTFS
Drive e: (Sonstiges) (Fixed) (Total:349.3 GB) (Free:274.56 GB) NTFS
Drive f: (SDATA2) (Fixed) (Total:349.33 GB) (Free:123.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=95.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=118.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)
==================== End Of Log ============================
lg Marcel M. |
| Themen zu Windows 7: Ungültiges Bild (error) VC32LO |
| antivir, antivirus, avira, bonjour, browser, canon, computer, converter, device driver, error, failed, firefox, flash player, home, homepage, launch, mozilla, mp3, newtab, problem, programm, realtek, registry, rundll, scan, security, starten, svchost.exe, ungültiges bild, vc32lo~1.dll, windows |
Baum-Darstellung