
Plagegeister aller Art und deren Bekämpfung: AntiVir blocked by Group Policy + downloads are being started


 
19.08.2014, 10:14   #1
PoWi
 



Hello everyone,

When I start my AntiVir program, this error message opens: "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert." ("This program was blocked by a group policy.")
In addition, downloads of JScript files named dpx.js from i.simpli.fi and bk-coretag.js from tags.bkrtx.com open automatically with a certain regularity.

Thanks for any help!


Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by shehzad (administrator) on SHEHZAD-PC on 19-08-2014 10:57:18
Running from C:\Users\shehzad\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\LPT\srpts.exe
( ) C:\Windows\System32\lxeecoms.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Users\shehzad\AppData\Local\fst_de_1\upfst_de_1.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\ScanTack\updateScanTack.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre8\bin\javaws.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
() C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [lxeemon.exe] => C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe [772712 2013-01-30] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe [150264 2013-01-30] ()
HKLM\...\Run: [Okoheba] => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
HKLM-x32\...\Run: [fst_de_1] => "C:\Program Files (x86)\fst_de_1\fst_de_1.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Okoheba] => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnce: [upfst_de_1.exe] => C:\Users\shehzad\AppData\Local\fst_de_1\upfst_de_1.exe [3267536 2014-04-08] ()
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [GoogleChromeAutoLaunch_64528655D5F25C403B8633DE809A3F8A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [PriceMeterW] => "C:\Users\shehzad\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [UhpeRfefh] => regsvr32.exe "C:\ProgramData\UhpeRfefh\UhpeRfefh.dat"
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [Okoheba] => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] ()
HKU\S-1-5-21-2564675894-2720206820-1579627790-1008\...\Run: [playnowradio] => C:\Users\alisha\AppData\Local\playnowradio\playnowradio\1.3.4.22\playnowradio.exe [420352 2014-03-06] (Pay By Ads LTD)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-HA,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.findwide.com/?guid={FABB9A3B-020B-4955-9542-90B196036D71}&action=homepage_search
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-HA,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-GA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-GA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-HA,,&q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: ScanTack -> {d332cff8-358e-4c9e-8af3-a08872ef22c1} -> C:\Program Files (x86)\ScanTack\ScanTackbho.dll (ScanTack)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: BonanzaDeals -> {fe063412-bea4-4d76-8ed3-183be6220d17} -> C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {CD0342DD-7582-4507-B58A-4C9EA18B13AA} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default
FF DefaultSearchEngine: Conduit Search
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_114.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_114.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: MediaPlayerplus - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-05-20]
FF Extension: Quick Start - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\quick_start@gmail.com [2014-05-21]
FF Extension: Shopping Helper Smartbar - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\{14895be1-6013-6314-fc5c-52690c3f821a} [2014-04-27]
FF Extension: Boost - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\boost@boost.net.xpi [2014-05-16]
FF Extension: Adblock Plus - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-27]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox

Chrome: 
=======
CHR Extension: (BonanzaDeals) - C:\Users\shehzad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj [2014-08-19]
CHR Extension: (Skype Click to Call) - C:\Users\shehzad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-18]
CHR Extension: (Google Wallet) - C:\Users\shehzad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [dljhohhmfjfhgfhpgkfefjoojfobodhn] - C:\Program Files (x86)\Whilokii\dljhohhmfjfhgfhpgkfefjoojfobodhn.crx [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx [2013-10-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-23] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-23] (BonanzaDeals)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32288 2014-02-09] ()
S2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxee_device; C:\Windows\system32\lxeecoms.exe [1052328 2010-04-14] ( )
R2 lxee_device; C:\Windows\SysWOW64\lxeecoms.exe [598696 2010-04-14] ( )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SecurityCenterServer1376075522; C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] () [File not signed]
R2 Update ScanTack; C:\Program Files (x86)\ScanTack\updateScanTack.exe [317728 2014-05-30] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 {fed5e6b2-4fc4-43ba-8e95-001d959d8008}w64; C:\Windows\System32\drivers\{fed5e6b2-4fc4-43ba-8e95-001d959d8008}w64.sys [61112 2014-05-22] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 10:57 - 2014-08-19 10:57 - 00023114 _____ () C:\Users\shehzad\Desktop\FRST.txt
2014-08-19 10:56 - 2014-08-19 10:57 - 00000000 ____D () C:\FRST
2014-08-19 10:56 - 2014-08-19 10:56 - 02101760 _____ (Farbar) C:\Users\shehzad\Desktop\FRST64.exe
2014-08-19 10:10 - 2014-08-19 10:10 - 00003136 _____ () C:\Windows\System32\Tasks\{BF7A24A6-12B9-4E7A-9B74-D68A66471EF5}
2014-08-19 10:04 - 2014-08-19 10:04 - 00000384 _____ () C:\Windows\wininit.ini
2014-08-19 09:23 - 2014-08-19 09:23 - 00001399 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00001387 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-19 09:22 - 2014-08-19 10:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-19 09:22 - 2014-08-19 09:23 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-19 09:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-08-19 09:21 - 2014-08-19 09:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4.exe
2014-08-19 09:21 - 2014-08-19 09:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4 (1).exe
2014-08-18 20:52 - 2014-08-18 20:52 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\shehzad\Downloads\avira_de_av___ws.exe
2014-08-18 20:36 - 2014-08-18 20:37 - 00373256 _____ () C:\Windows\Minidump\081814-37237-01.dmp
2014-08-18 20:29 - 2014-08-18 20:30 - 01700736 _____ () C:\Windows\Minidump\081814-39577-01.dmp
2014-08-18 20:25 - 2014-08-18 20:27 - 194045080 _____ (Kaspersky Lab) C:\Users\shehzad\Downloads\pure13.0.2.558abcdDE_5372.exe
2014-08-18 20:19 - 2014-08-18 20:20 - 00013680 _____ () C:\Windows\diagwrn.xml
2014-08-18 20:19 - 2014-08-18 20:20 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-18 20:10 - 2014-08-18 20:10 - 00373528 _____ () C:\Windows\Minidump\081814-38547-01.dmp
2014-08-18 20:08 - 2014-08-18 20:08 - 00001080 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-08-18 19:25 - 2014-08-18 19:25 - 00640616 _____ () C:\Windows\Minidump\081814-23088-01.dmp
2014-08-18 19:16 - 2014-08-18 19:17 - 01700736 _____ () C:\Windows\Minidump\081814-27799-01.dmp
2014-08-18 19:06 - 2014-08-18 19:06 - 00373528 _____ () C:\Windows\Minidump\081814-28875-01.dmp
2014-08-18 18:07 - 2014-08-18 18:07 - 01044672 _____ () C:\Windows\Minidump\081814-36207-01.dmp
2014-08-18 17:30 - 2014-08-19 10:00 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 1376075522.job
2014-08-18 17:30 - 2014-08-18 17:30 - 00003828 _____ () C:\Windows\System32\Tasks\Security Center Update - 1376075522
2014-08-18 17:30 - 2014-08-18 17:30 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\Vodeka
2014-08-18 17:30 - 2014-01-05 16:34 - 00368640 _____ () C:\Windows\SysWOW64\haiwuruc.exe
2014-08-18 17:29 - 2014-08-18 17:29 - 00000000 ____D () C:\ProgramData\UhpeRfefh
2014-08-15 18:43 - 2014-08-15 18:43 - 00113815 _____ () C:\Users\shehzad\Downloads\Familienfuersorge Lebensversicherung Mail-Info 965294842-T-71.zip
2014-08-13 09:32 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 09:32 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 09:32 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 09:32 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 09:32 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 09:32 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 09:32 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 09:32 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 08:19 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 08:19 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 08:19 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 08:19 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 08:19 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 08:19 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 08:19 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 08:19 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 08:19 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 08:19 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 08:19 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 08:19 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 08:19 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 08:19 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 08:19 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 08:19 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 08:19 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 08:19 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 08:19 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 08:19 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 08:19 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 08:19 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 08:19 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 08:19 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 08:19 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 08:19 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 08:19 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 08:19 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 08:19 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 08:19 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 08:19 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 08:19 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 08:19 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 08:19 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 08:19 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 08:19 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 08:19 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 08:19 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 08:19 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 08:19 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 08:19 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 08:19 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 08:19 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 08:19 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 08:19 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 08:19 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 08:19 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 08:19 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 08:19 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 08:19 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 08:19 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 08:19 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 08:19 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 08:19 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 08:19 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 08:19 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 08:18 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 08:18 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 08:18 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 08:18 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 08:18 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 08:18 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 08:18 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 08:18 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 08:18 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 08:18 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 08:18 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 08:18 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 08:18 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 08:18 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 08:18 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 08:18 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 08:18 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 08:13 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 08:13 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 08:13 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 08:13 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 12:15 - 2014-08-12 12:15 - 00000601 _____ () C:\Users\shehzad\Downloads\umsatz-5232________6593-20140812.csv
2014-08-11 17:39 - 2014-08-17 14:34 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\Desktop\Geschichten
2014-08-11 17:36 - 2014-08-17 14:34 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\SoftGrid Client
2014-08-11 17:36 - 2014-08-11 17:36 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\SoftGrid Client
2014-08-11 17:30 - 2014-08-11 17:30 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\{F8077320-0BB0-414E-B46A-9C1AABE7B94C}
2014-08-11 17:22 - 2014-08-11 17:22 - 23647099 _____ () C:\Users\Sarah.shehzad-PC\Downloads\WestCoastNZIanRushton.themepack
2014-08-11 17:21 - 2014-08-11 17:21 - 05000883 _____ () C:\Users\Sarah.shehzad-PC\Downloads\BeautyHongKongWilsonAu.themepack
2014-08-11 17:18 - 2014-08-11 17:18 - 15412792 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Hawaii.themepack
2014-08-11 17:17 - 2014-08-11 17:17 - 10212996 _____ () C:\Users\Sarah.shehzad-PC\Downloads\PanoramicWaves.deskthemepack
2014-08-11 17:17 - 2014-08-11 17:17 - 03391991 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Brazil.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 17781878 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Rainbows.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 14012484 _____ () C:\Users\Sarah.shehzad-PC\Downloads\SaltLakesDeadSea.themepack
2014-08-11 17:14 - 2014-08-11 17:14 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah.shehzad-PC\Downloads\DefaultPack.EXE
2014-08-11 17:13 - 2014-08-11 17:13 - 02877643 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Lovebirds.themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy (1).themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (2).themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers.themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers (1).themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy.themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (1).themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Avira
2014-08-11 17:04 - 2014-08-11 17:04 - 00001429 _____ () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-11 17:04 - 2014-08-11 17:04 - 00000020 ___SH () C:\Users\Sarah.shehzad-PC\ntuser.ini
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Vorlagen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Startmenü
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Netzwerkumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Lokale Einstellungen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Eigene Dateien
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Druckumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Musik
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Bilder
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Verlauf
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Adobe
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\Power2Go
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\AMD
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC
2014-08-11 17:04 - 2014-03-30 12:10 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\Google
2014-08-11 17:04 - 2014-03-12 15:28 - 00090936 _____ () C:\Users\Sarah.shehzad-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-11 17:04 - 2011-06-28 01:41 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover
2014-08-11 17:04 - 2011-06-28 01:38 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveEditor
2014-08-11 17:04 - 2011-02-10 22:48 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Macromedia
2014-08-11 17:04 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-11 17:04 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-11 11:47 - 2014-08-11 11:48 - 12632044 _____ () C:\Users\Sarah\Downloads\Calligraphy.themepack
2014-08-11 11:47 - 2014-08-11 11:47 - 16501035 _____ () C:\Users\Sarah\Downloads\NYCityscapesJohnnyWLam.themepack
2014-08-11 11:46 - 2014-08-11 11:46 - 07122824 _____ () C:\Users\Sarah\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 11:45 - 2014-08-11 11:46 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack (1).EXE
2014-08-11 11:45 - 2014-08-11 11:45 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack.EXE
2014-08-07 17:34 - 2014-08-07 17:35 - 01101648 _____ () C:\Users\shehzad\Downloads\CHIP MP3 Converter for YouTube - CHIP-Installer.exe
2014-08-05 11:10 - 2014-08-05 11:10 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\InstallShield
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{AB42A2CD-DFB9-462B-9843-26E87BDEC644}
2014-08-01 21:43 - 2014-08-01 21:44 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{900D8FF8-BE35-42B7-98D0-7F902D36CB94}
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieUserList
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieSiteList
2014-08-01 11:41 - 2014-08-01 11:41 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Avira
2014-08-01 11:37 - 2014-08-01 11:37 - 00000000 ____D () C:\Users\Sarah\AppData\Local\AMD
2014-08-01 11:36 - 2014-08-01 11:36 - 00001429 _____ () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\ATI
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Power2Go
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\ATI
2014-08-01 11:35 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah
2014-08-01 11:35 - 2014-08-01 11:35 - 00000020 ___SH () C:\Users\Sarah\ntuser.ini
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Vorlagen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Startmenü
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Netzwerkumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Lokale Einstellungen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Eigene Dateien
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Druckumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Musik
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Bilder
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Verlauf
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Anwendungsdaten
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Anwendungsdaten
2014-08-01 11:35 - 2014-03-30 12:10 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Google
2014-08-01 11:35 - 2014-03-12 15:28 - 00090936 _____ () C:\Users\Sarah\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-01 11:35 - 2011-06-28 01:41 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover
2014-08-01 11:35 - 2011-06-28 01:38 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveEditor
2014-08-01 11:35 - 2011-02-10 22:48 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Macromedia
2014-08-01 11:35 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-01 11:35 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-29 13:19 - 2014-07-29 13:19 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{96EF72E1-2343-4D24-8250-7066177309E4}
2014-07-27 16:54 - 2014-07-27 16:54 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{20796B98-8A1E-417C-B3CC-CABBED48B3D2}
2014-07-25 14:00 - 2014-07-25 14:00 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{C5C32DFF-B1EA-46A4-A865-E74AF662A63E}
2014-07-20 20:14 - 2014-07-20 20:14 - 00978687 _____ () C:\ProgramData\SPLDC0.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 10:57 - 2014-08-19 10:57 - 00023114 _____ () C:\Users\shehzad\Desktop\FRST.txt
2014-08-19 10:57 - 2014-08-19 10:56 - 00000000 ____D () C:\FRST
2014-08-19 10:56 - 2014-08-19 10:56 - 02101760 _____ (Farbar) C:\Users\shehzad\Desktop\FRST64.exe
2014-08-19 10:40 - 2013-10-09 12:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 10:31 - 2014-05-25 14:31 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {1DB6657B-232F-495A-B46A-89F94D0B7CE5}.job
2014-08-19 10:27 - 2013-10-23 13:21 - 00000928 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2014-08-19 10:10 - 2014-08-19 10:10 - 00003136 _____ () C:\Windows\System32\Tasks\{BF7A24A6-12B9-4E7A-9B74-D68A66471EF5}
2014-08-19 10:10 - 2014-03-19 09:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-19 10:04 - 2014-08-19 10:04 - 00000384 _____ () C:\Windows\wininit.ini
2014-08-19 10:04 - 2014-08-19 09:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-19 10:04 - 2014-04-14 22:03 - 00000282 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-08-19 10:00 - 2014-08-18 17:30 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 1376075522.job
2014-08-19 09:24 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 09:24 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 09:23 - 2014-08-19 09:23 - 00001399 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00001387 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-19 09:23 - 2014-08-19 09:22 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-19 09:22 - 2014-08-19 09:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4.exe
2014-08-19 09:22 - 2014-08-19 09:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4 (1).exe
2014-08-19 09:20 - 2013-10-09 21:52 - 01583736 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 09:19 - 2014-04-17 08:40 - 00000000 ____D () C:\Users\shehzad\AppData\Local\fst_de_1
2014-08-19 09:16 - 2014-04-10 23:21 - 00003126 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00002198 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00001508 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00001430 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00001418 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.job
2014-08-19 09:16 - 2013-10-23 13:21 - 00000924 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2014-08-19 09:16 - 2013-10-09 21:17 - 00170065 _____ () C:\ProgramData\lxeescan.log
2014-08-19 09:16 - 2013-10-09 12:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-19 09:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-19 09:15 - 2009-07-14 06:51 - 00007294 _____ () C:\Windows\setupact.log
2014-08-19 09:01 - 2009-07-14 06:45 - 00378432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-18 23:37 - 2011-02-10 21:25 - 00699634 _____ () C:\Windows\system32\perfh007.dat
2014-08-18 23:37 - 2011-02-10 21:25 - 00149516 _____ () C:\Windows\system32\perfc007.dat
2014-08-18 23:37 - 2009-07-14 07:13 - 01621276 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-18 20:52 - 2014-08-18 20:52 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\shehzad\Downloads\avira_de_av___ws.exe
2014-08-18 20:37 - 2014-08-18 20:36 - 00373256 _____ () C:\Windows\Minidump\081814-37237-01.dmp
2014-08-18 20:36 - 2014-04-15 18:11 - 617677318 _____ () C:\Windows\MEMORY.DMP
2014-08-18 20:36 - 2014-04-15 18:11 - 00000000 ____D () C:\Windows\Minidump
2014-08-18 20:30 - 2014-08-18 20:29 - 01700736 _____ () C:\Windows\Minidump\081814-39577-01.dmp
2014-08-18 20:27 - 2014-08-18 20:25 - 194045080 _____ (Kaspersky Lab) C:\Users\shehzad\Downloads\pure13.0.2.558abcdDE_5372.exe
2014-08-18 20:20 - 2014-08-18 20:19 - 00013680 _____ () C:\Windows\diagwrn.xml
2014-08-18 20:20 - 2014-08-18 20:19 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-18 20:19 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-18 20:10 - 2014-08-18 20:10 - 00373528 _____ () C:\Windows\Minidump\081814-38547-01.dmp
2014-08-18 20:08 - 2014-08-18 20:08 - 00001080 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-08-18 20:08 - 2014-02-08 23:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 20:08 - 2014-02-08 23:22 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 20:07 - 2014-02-08 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 19:25 - 2014-08-18 19:25 - 00640616 _____ () C:\Windows\Minidump\081814-23088-01.dmp
2014-08-18 19:17 - 2014-08-18 19:16 - 01700736 _____ () C:\Windows\Minidump\081814-27799-01.dmp
2014-08-18 19:06 - 2014-08-18 19:06 - 00373528 _____ () C:\Windows\Minidump\081814-28875-01.dmp
2014-08-18 18:07 - 2014-08-18 18:07 - 01044672 _____ () C:\Windows\Minidump\081814-36207-01.dmp
2014-08-18 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-18 17:30 - 2014-08-18 17:30 - 00003828 _____ () C:\Windows\System32\Tasks\Security Center Update - 1376075522
2014-08-18 17:30 - 2014-08-18 17:30 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\Vodeka
2014-08-18 17:29 - 2014-08-18 17:29 - 00000000 ____D () C:\ProgramData\UhpeRfefh
2014-08-18 12:40 - 2014-06-25 16:07 - 00001471 _____ () C:\Users\alisha\Desktop\Play Now Radio.lnk
2014-08-18 09:41 - 2013-10-10 21:13 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\Skype
2014-08-17 23:22 - 2013-10-09 13:04 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\SoftGrid Client
2014-08-17 19:24 - 2013-10-09 21:28 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-08-17 19:01 - 2014-02-18 22:33 - 00000492 _____ () C:\ProgramData\lxeeDiagnostics.log
2014-08-17 14:34 - 2014-08-11 17:39 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\Desktop\Geschichten
2014-08-17 14:34 - 2014-08-11 17:36 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\SoftGrid Client
2014-08-16 08:44 - 2013-10-09 12:57 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 18:43 - 2014-08-15 18:43 - 00113815 _____ () C:\Users\shehzad\Downloads\Familienfuersorge Lebensversicherung Mail-Info 965294842-T-71.zip
2014-08-14 19:10 - 2014-03-19 09:56 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-14 19:10 - 2014-03-19 09:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-14 19:10 - 2011-06-28 01:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-14 12:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-13 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 09:44 - 2013-10-17 16:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 09:37 - 2011-02-10 22:56 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 09:32 - 2014-05-06 18:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-12 12:15 - 2014-08-12 12:15 - 00000601 _____ () C:\Users\shehzad\Downloads\umsatz-5232________6593-20140812.csv
2014-08-11 17:36 - 2014-08-11 17:36 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\SoftGrid Client
2014-08-11 17:30 - 2014-08-11 17:30 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\{F8077320-0BB0-414E-B46A-9C1AABE7B94C}
2014-08-11 17:22 - 2014-08-11 17:22 - 23647099 _____ () C:\Users\Sarah.shehzad-PC\Downloads\WestCoastNZIanRushton.themepack
2014-08-11 17:21 - 2014-08-11 17:21 - 05000883 _____ () C:\Users\Sarah.shehzad-PC\Downloads\BeautyHongKongWilsonAu.themepack
2014-08-11 17:18 - 2014-08-11 17:18 - 15412792 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Hawaii.themepack
2014-08-11 17:17 - 2014-08-11 17:17 - 10212996 _____ () C:\Users\Sarah.shehzad-PC\Downloads\PanoramicWaves.deskthemepack
2014-08-11 17:17 - 2014-08-11 17:17 - 03391991 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Brazil.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 17781878 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Rainbows.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 14012484 _____ () C:\Users\Sarah.shehzad-PC\Downloads\SaltLakesDeadSea.themepack
2014-08-11 17:14 - 2014-08-11 17:14 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah.shehzad-PC\Downloads\DefaultPack.EXE
2014-08-11 17:13 - 2014-08-11 17:13 - 02877643 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Lovebirds.themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy (1).themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (2).themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers.themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers (1).themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy.themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (1).themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Avira
2014-08-11 17:04 - 2014-08-11 17:04 - 00001429 _____ () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-11 17:04 - 2014-08-11 17:04 - 00000020 ___SH () C:\Users\Sarah.shehzad-PC\ntuser.ini
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Vorlagen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Startmenü
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Netzwerkumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Lokale Einstellungen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Eigene Dateien
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Druckumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Musik
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Bilder
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Verlauf
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Adobe
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\Power2Go
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\AMD
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC
2014-08-11 11:48 - 2014-08-11 11:47 - 12632044 _____ () C:\Users\Sarah\Downloads\Calligraphy.themepack
2014-08-11 11:47 - 2014-08-11 11:47 - 16501035 _____ () C:\Users\Sarah\Downloads\NYCityscapesJohnnyWLam.themepack
2014-08-11 11:46 - 2014-08-11 11:46 - 07122824 _____ () C:\Users\Sarah\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 11:46 - 2014-08-11 11:45 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack (1).EXE
2014-08-11 11:45 - 2014-08-11 11:45 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack.EXE
2014-08-08 20:26 - 2014-04-27 14:48 - 00654336 ___SH () C:\Users\shehzad\Downloads\Thumbs.db
2014-08-07 17:35 - 2014-08-07 17:34 - 01101648 _____ () C:\Users\shehzad\Downloads\CHIP MP3 Converter for YouTube - CHIP-Installer.exe
2014-08-07 14:20 - 2013-10-10 21:12 - 00000000 ____D () C:\ProgramData\Skype
2014-08-07 04:06 - 2014-08-13 08:13 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 08:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 11:10 - 2014-08-05 11:10 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\InstallShield
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{AB42A2CD-DFB9-462B-9843-26E87BDEC644}
2014-08-01 21:44 - 2014-08-01 21:43 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{900D8FF8-BE35-42B7-98D0-7F902D36CB94}
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieUserList
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieSiteList
2014-08-01 11:41 - 2014-08-01 11:41 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Avira
2014-08-01 11:37 - 2014-08-01 11:37 - 00000000 ____D () C:\Users\Sarah\AppData\Local\AMD
2014-08-01 11:36 - 2014-08-01 11:36 - 00001429 _____ () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\ATI
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Power2Go
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\ATI
2014-08-01 11:36 - 2014-08-01 11:35 - 00000000 ____D () C:\Users\Sarah
2014-08-01 11:35 - 2014-08-01 11:35 - 00000020 ___SH () C:\Users\Sarah\ntuser.ini
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Vorlagen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Startmenü
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Netzwerkumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Lokale Einstellungen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Eigene Dateien
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Druckumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Musik
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Bilder
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Verlauf
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Anwendungsdaten
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Anwendungsdaten
2014-08-01 01:41 - 2014-08-13 08:19 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 08:19 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 22:06 - 2014-05-30 20:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-29 13:19 - 2014-07-29 13:19 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{96EF72E1-2343-4D24-8250-7066177309E4}
2014-07-27 16:54 - 2014-07-27 16:54 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{20796B98-8A1E-417C-B3CC-CABBED48B3D2}
2014-07-27 10:02 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-25 16:52 - 2014-08-13 08:19 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-13 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 08:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 08:19 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 08:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 08:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-13 08:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-13 08:19 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 08:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 08:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 08:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 08:19 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 08:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-13 08:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-13 08:19 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 08:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 08:19 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 08:19 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 08:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 08:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 08:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 08:19 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 08:19 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 08:19 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 08:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 08:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-13 08:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-13 08:19 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 08:19 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-13 08:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-13 08:19 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 08:19 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 14:00 - 2014-07-25 14:00 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{C5C32DFF-B1EA-46A4-A865-E74AF662A63E}
2014-07-25 13:52 - 2014-08-13 08:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 08:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 08:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 08:19 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 08:19 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 08:19 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 08:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 08:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 08:19 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 08:19 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 08:19 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 08:19 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 08:19 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 08:19 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 08:19 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 08:19 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 08:19 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 08:19 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 08:19 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 08:19 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-20 20:14 - 2014-07-20 20:14 - 00978687 _____ () C:\ProgramData\SPLDC0.tmp

Some content of TEMP:
====================
C:\Users\alisha\AppData\Local\Temp\avgnt.exe
C:\Users\alisha\AppData\Local\Temp\drm_dialogs.dll
C:\Users\alisha\AppData\Local\Temp\drm_dyndata_7320010.dll
C:\Users\Sarah\AppData\Local\Temp\avgnt.exe
C:\Users\Sarah.shehzad-PC\AppData\Local\Temp\avgnt.exe
C:\Users\shehzad\AppData\Local\Temp\avgnt.exe
C:\Users\shehzad\AppData\Local\Temp\VP6Install.exe
C:\Users\shehzad\AppData\Local\Temp\VP6VFW.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 00:46

==================== End Of Log ============================
         
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by shehzad at 2014-08-19 10:58:17
Running from C:\Users\shehzad\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.114 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.684.213 - Advanced Micro Devices Inc.) Hidden
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2011.0707.2346.40825 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60707.2331 - ATI Technologies Inc.) Hidden
ATI AVIVO64 Codecs (Version: 11.6.0.10707 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{B72CAB06-4420-F4D1-AFBB-AF9093D3D237}) (Version: 3.0.833.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
ccc-utility64 (Version: 2011.0707.2346.40825 - ATI) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Lexmark Pro700 Series (HKLM\...\Lexmark Pro700 Series) (Version:  - Lexmark International, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ScanTack (HKLM\...\ScanTack) (Version: 2014.05.30.150643 - ScanTack) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Total Uninstall 6.4.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.4.1 - Gavrila Martau)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-08-2014 07:45:12 Geplanter Prüfpunkt
13-08-2014 06:11:53 Windows Update
13-08-2014 07:31:55 Windows Update
13-08-2014 22:58:41 Windows Update
19-08-2014 06:15:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {086B95EC-772B-46F8-9998-CA84BFB4E4E6} - System32\Tasks\{AB159400-B175-49A2-94DD-122F7F00803B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {09A46B40-F55B-449A-BBD6-2C29B7A02BF8} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-23] (BonanzaDeals) <==== ATTENTION
Task: {2391C03B-B2B2-433B-AE53-CAF315333589} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-24] (Uniblue Systems Limited)
Task: {245BD3E0-0A38-4C22-A067-00BEFBF3AF4D} - System32\Tasks\{7FAC5E21-9611-4111-9AD0-9D97CADFEF1A} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Burning Studio\burningstudio.exe [2010-03-19] ()
Task: {2AEF6088-AABA-49F3-8B53-6F6E08D932E5} - System32\Tasks\Price Meter Updater => C:\Users\shehzad\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {2F02C421-B7DE-423A-BF8C-9F80036F12B2} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe <==== ATTENTION
Task: {304F45BD-2640-46D9-B248-7E91A6C1D676} - System32\Tasks\Play Now Radio => C:\Users\alisha\AppData\Local\playnowradio\playnowradio\1.3.4.22\playnowradio.exe [2014-03-06] (Pay By Ads LTD)
Task: {31FB817F-2FC0-415B-B5CA-E0EE0CDDC864} - System32\Tasks\UpdaterEX => C:\Users\shehzad\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {3200EDFD-2EEA-4B46-B877-0ABE70B9FFC2} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-23] (BonanzaDeals) <==== ATTENTION
Task: {327513AD-B4F9-44A8-B435-0717FB6DB6BE} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {341323E9-DF92-4EEA-BE92-505AB3D9F4B6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {4D41B39E-F182-4EAE-BFDE-180313AC2DD7} - System32\Tasks\Security Center Update - 1376075522 => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [2014-01-05] ()
Task: {4EA0FF40-41E3-4EFD-BA67-6D0AE8749039} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-09] (Google Inc.)
Task: {5187A258-5AA6-4BF4-BA54-8A2A814D0600} - System32\Tasks\{52AFAD36-978D-4DB5-9133-31C5BBBB3A9E} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Optimizer\photooptimizer.exe [2010-08-27] ()
Task: {532F9F3C-359F-46DC-B432-CCAE93BF3618} - System32\Tasks\{7DCD380B-BDDC-4D3C-BBB0-9E05D0B393DD} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {5D8E38BA-48DA-431A-AC31-2A100B09E11D} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.exe <==== ATTENTION
Task: {6823D1BE-37A5-4453-81BB-5875424FFE58} - System32\Tasks\{6E6F044E-E1C1-48C5-8846-C98A6C6FF79F} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Commander\apc.exe [2010-03-16] (ashampoo GmbH & Co. KG)
Task: {68C643DA-560C-4058-BF85-A21016BBCAF8} - System32\Tasks\{B311DB15-409C-4F5C-A2CA-3B96D0E9B8B3} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7CD7EA51-3752-413A-8777-F226BD217065} - System32\Tasks\{F9FF6C01-0F77-4892-90C1-AB11BA9A8473} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7FB3FC1A-9834-4E66-B6D0-AD2F6F35F92C} - System32\Tasks\{C3BFF0CF-95D8-4225-8394-302BDEAC466F} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Snap\ashsnap.exe [2010-03-20] (ashampoo GmbH & Co. KG)
Task: {972D1880-A511-4429-B032-2831AA653B9F} - System32\Tasks\{351A3EDF-51A8-4161-B94C-89F4378A7A26} => C:\Program Files (x86)\Flash Player Pro\Flash Player Pro.exe
Task: {A180C3BE-BEA5-4087-B299-0AD0742565A2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {AB067E2C-2D59-4792-AEA7-93A327E00451} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-14] (Adobe Systems Incorporated)
Task: {AC92E9BF-6D2B-4A32-886C-355E339224BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-09] (Google Inc.)
Task: {BC4C52EA-90B6-4908-A357-2E7C4015E94A} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe <==== ATTENTION
Task: {C4EFD966-1A90-4852-ADEF-90CD7494C73C} - System32\Tasks\{7F6C8D6A-E32F-45D7-B3BC-249B17FAB4C4} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Optimizer\photooptimizer.exe [2010-08-27] ()
Task: {C8A99DFA-96D1-400C-8C1A-D8A12CCB5AB1} - System32\Tasks\{25253F42-D79C-4472-AF27-D41A3824C54D} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Commander\apc.exe [2010-03-16] (ashampoo GmbH & Co. KG)
Task: {CB91BCB8-2627-4EB3-9EDC-E6D3EABD0DAA} - System32\Tasks\{C6C20EFD-3F5D-4974-A65A-EF9F37C21E87} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.60.106/de/eula
Task: {D5654A96-C6E5-4193-BEEC-CD6C1E229855} - System32\Tasks\FF Watcher {1DB6657B-232F-495A-B46A-89F94D0B7CE5} => C:\Program Files\V-bates\PrefHelper.exe
Task: {DABEEC72-2BD2-4E20-BE0B-3219A53931DE} - System32\Tasks\{F9DF7985-8072-4D9B-8A2D-6F3FC176F73B} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2010-09-29] (ATI Technologies Inc.)
Task: {DBAB8BC7-8391-4A21-9603-35F84C745E33} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {DC45EE92-694F-499D-9936-4E79967B4AC3} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe <==== ATTENTION
Task: {E813E246-C5F7-43B4-AB05-4D5C3BE79134} - System32\Tasks\{DD6357C3-9F85-4003-83FE-5EA5E4094F54} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {ECFED13C-77B7-4525-BE1B-2D476C34AB5B} - System32\Tasks\{D7523B32-B93F-4528-9BF6-EFA32E0EF58D} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Optimizer\photooptimizer.exe [2010-08-27] ()
Task: {F290E9C5-55DB-40AA-9AD4-79E5EB43B5FB} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: {F294E5FA-4CE9-454F-B3DA-2B420CEAB505} - System32\Tasks\pricemeterdownloader => C:\Users\shehzad\AppData\Local\PriceMeter\pricemeterd.exe
Task: {FB2F5B85-9BE2-4898-8F8D-A64DC93D0A26} - System32\Tasks\{DC04D699-98E2-4552-9CA2-E168BBA0723B} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {FF008A85-FAAB-42B3-9C6E-6E0A28109C87} - System32\Tasks\{60C667F5-2886-4333-863B-AC1AE3BECC4F} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\FF Watcher {1DB6657B-232F-495A-B46A-89F94D0B7CE5}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Price Meter Updater.job => C:\Users\shehzad\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1376075522.job => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\shehzad\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-09 21:28 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeedrpp.dll
2011-07-08 08:36 - 2011-07-08 08:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00032288 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-04-17 08:40 - 2014-04-08 11:08 - 03267536 _____ () C:\Users\shehzad\AppData\Local\fst_de_1\upfst_de_1.exe
2014-02-08 23:02 - 2013-01-30 16:25 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
2014-02-08 23:02 - 2013-01-30 16:25 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
2014-01-05 16:34 - 2014-01-05 16:34 - 00368640 _____ () C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
2014-02-09 12:41 - 2014-04-29 11:17 - 00023072 _____ () C:\Program Files (x86)\LPT\srptm.exe
2011-07-08 08:36 - 2011-07-08 08:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-07-08 08:44 - 2011-07-08 08:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-12-16 11:42 - 2009-12-16 11:42 - 00205824 _____ () C:\Program Files\Lexmark\Pro700 Series\lxeemicro.dll
2010-04-01 17:30 - 2010-04-01 17:30 - 01558528 _____ () C:\Program Files\Lexmark\Pro700 Series\lxeedrs64.dll
2009-03-10 05:44 - 2009-03-10 05:44 - 00015360 _____ () C:\Program Files\Lexmark\Pro700 Series\lxeecaps64.dll
2014-05-30 17:06 - 2014-05-30 17:06 - 00317728 _____ () C:\Program Files (x86)\ScanTack\updateScanTack.exe
2014-02-09 12:41 - 2014-02-09 12:41 - 00070176 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00022048 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-02-08 23:02 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeescw.dll
2014-02-08 23:02 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeedatr.dll
2014-02-08 23:02 - 2009-05-27 08:13 - 00081920 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecats.dll
2014-02-08 23:02 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeDRS.dll
2014-02-08 23:02 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecaps.dll
2009-02-20 08:48 - 2009-02-20 08:48 - 00381440 _____ () C:\Windows\system32\lxeesm.dll
2009-04-28 07:56 - 2009-04-28 07:56 - 00024064 _____ () C:\Windows\system32\lxeesmr.dll
2014-02-08 23:02 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epwizard.DLL
2014-02-08 23:02 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\customui.dll
2014-02-08 23:02 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Eputil.DLL
2014-02-08 23:02 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Imagutil.DLL
2014-02-08 23:02 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epfunct.DLL
2014-02-08 23:02 - 2009-06-23 07:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPWizRes.dll
2014-02-08 23:02 - 2009-06-23 07:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\epstring.dll
2014-02-08 23:02 - 2009-06-23 07:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPOEMDll.dll
2014-02-08 23:02 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\iptk.dll
2014-02-08 23:02 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeptp.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-02-09 12:41 - 2014-04-29 11:18 - 00057888 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00066080 _____ () C:\Program Files (x86)\LPT\sppsm.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00155680 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00027168 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00165920 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00044064 _____ () C:\Program Files (x86)\LPT\srbu.dll
2014-04-14 22:03 - 2014-04-14 22:03 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00021880 _____ () C:\Program Files (x86)\LPT\srpdm.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00039456 _____ () C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 08:43 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-19 09:22 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-19 09:22 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-19 09:22 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-19 09:22 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-19 09:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/19/2014 10:09:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDScan.exe, Version 2.4.40.181 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b38

Startzeit: 01cfbb7ea92337a6

Endzeit: 79

Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Berichts-ID: 0d980617-2778-11e4-b808-8c89a557884c

Error: (08/19/2014 09:21:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01e54909
ID des fehlerhaften Prozesses: 0x34c
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3

Error: (08/19/2014 09:17:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Name des fehlerhaften Moduls: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000042b5
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xpiarudx.exe0
Pfad der fehlerhaften Anwendung: piarudx.exe1
Pfad des fehlerhaften Moduls: piarudx.exe2
Berichtskennung: piarudx.exe3

Error: (08/19/2014 08:16:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53d75949
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.17239, Zeitstempel: 0x53d26078
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00136cef
ID des fehlerhaften Prozesses: 0x850
Startzeit der fehlerhaften Anwendung: 0xpiarudx.exe0
Pfad der fehlerhaften Anwendung: piarudx.exe1
Pfad des fehlerhaften Moduls: piarudx.exe2
Berichtskennung: piarudx.exe3

Error: (08/19/2014 08:13:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00624909
ID des fehlerhaften Prozesses: 0x1b70
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3

Error: (08/18/2014 11:28:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01eb4909
ID des fehlerhaften Prozesses: 0xad0
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3

Error: (08/18/2014 09:26:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00314909
ID des fehlerhaften Prozesses: 0x16fc
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3

Error: (08/18/2014 09:21:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Name des fehlerhaften Moduls: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000042b5
ID des fehlerhaften Prozesses: 0xb28
Startzeit der fehlerhaften Anwendung: 0xpiarudx.exe0
Pfad der fehlerhaften Anwendung: piarudx.exe1
Pfad des fehlerhaften Moduls: piarudx.exe2
Berichtskennung: piarudx.exe3

Error: (08/18/2014 08:19:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00524909
ID des fehlerhaften Prozesses: 0x1714
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3

Error: (08/18/2014 07:54:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01e24909
ID des fehlerhaften Prozesses: 0x1674
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3


System errors:
=============
Error: (08/19/2014 10:14:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 10:14:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 10:13:04 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 10:04:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wpm Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 09:47:45 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (08/19/2014 09:47:45 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (08/19/2014 10:09:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDScan.exe2.4.40.1811b3801cfbb7ea92337a679C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe0d980617-2778-11e4-b808-8c89a557884c

Error: (08/19/2014 09:21:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000501e5490934c01cfbb7e2ab0b594C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown69b9d7f8-2771-11e4-b808-8c89a557884c

Error: (08/19/2014 09:17:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: piarudx.exe0.0.0.053f2109apiarudx.exe0.0.0.053f2109ac0000005000042b5b2c01cfbb7d76fd9845C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exeC:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exed21fab15-2770-11e4-b808-8c89a557884c

Error: (08/19/2014 08:16:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: piarudx.exe0.0.0.053d75949mshtml.dll11.0.9600.1723953d26078c000000500136cef85001cfbb74adad2826C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exeC:\Windows\SysWOW64\mshtml.dll633d97ba-2768-11e4-9915-8c89a557884c

Error: (08/19/2014 08:13:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c0000005006249091b7001cfbb74a6186edcC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknownea7d1b14-2767-11e4-9915-8c89a557884c

Error: (08/18/2014 11:28:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000501eb4909ad001cfbb2b4d89856cC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown8cff1881-271e-11e4-aa6c-742f6817a37b

Error: (08/18/2014 09:26:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c00000050031490916fc01cfbb1a4509760fC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown838ec084-270d-11e4-8f58-8c89a557884c

Error: (08/18/2014 09:21:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: piarudx.exe0.0.0.053f2109apiarudx.exe0.0.0.053f2109ac0000005000042b5b2801cfbb1990a6e510C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exeC:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exee6d85b11-270c-11e4-8f58-8c89a557884c

Error: (08/18/2014 08:19:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000500524909171401cfbb10de70168dC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown21a0316f-2704-11e4-bca3-742f6817a37b

Error: (08/18/2014 07:54:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000501e24909167401cfbb0d72342cdeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknownb1a03a72-2700-11e4-815f-742f6817a37b


CodeIntegrity Errors:
===================================
  Date: 2014-02-07 09:39:07.504
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-07 09:39:07.502
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-07 09:39:07.500
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-07 09:39:07.478
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-07 09:39:07.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-07 09:39:07.474
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-05 16:30:47.329
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-05 16:30:47.329
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-05 16:30:47.329
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-05 16:30:47.313
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD A8-3800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 52%
Total physical RAM: 3576.13 MB
Available physical RAM: 1705.91 MB
Total Pagefile: 7150.45 MB
Available Pagefile: 4015.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:890.41 GB) (Free:829.74 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:19.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5183A2EF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=890.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         

 





