AntiVir durch Gruppenrichtlinie blockiert + Downloads werden gestartet
Hallo zusammen,
beim Starten meines Anti-Vir Programmes öffnet sich die Fehlermeldung: "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert."
Außerdem öffnen sich automatisch mit einer gewissen Regelmäßigkeit Downloads von JScript-Dateien namens dpx.js von i.simpli.fi und bk-coretag.js von tags.bkrtx.com
Danke für jede Hilfe! Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by shehzad (administrator) on SHEHZAD-PC on 19-08-2014 10:57:18
Running from C:\Users\shehzad\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\LPT\srpts.exe
( ) C:\Windows\System32\lxeecoms.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Users\shehzad\AppData\Local\fst_de_1\upfst_de_1.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\ScanTack\updateScanTack.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre8\bin\javaws.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
() C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [lxeemon.exe] => C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe [772712 2013-01-30] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe [150264 2013-01-30] ()
HKLM\...\Run: [Okoheba] => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
HKLM-x32\...\Run: [fst_de_1] => "C:\Program Files (x86)\fst_de_1\fst_de_1.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Okoheba] => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnce: [upfst_de_1.exe] => C:\Users\shehzad\AppData\Local\fst_de_1\upfst_de_1.exe [3267536 2014-04-08] ()
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [GoogleChromeAutoLaunch_64528655D5F25C403B8633DE809A3F8A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [PriceMeterW] => "C:\Users\shehzad\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [UhpeRfefh] => regsvr32.exe "C:\ProgramData\UhpeRfefh\UhpeRfefh.dat"
HKU\S-1-5-21-2564675894-2720206820-1579627790-1002\...\Run: [Okoheba] => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] ()
HKU\S-1-5-21-2564675894-2720206820-1579627790-1008\...\Run: [playnowradio] => C:\Users\alisha\AppData\Local\playnowradio\playnowradio\1.3.4.22\playnowradio.exe [420352 2014-03-06] (Pay By Ads LTD)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-HA,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.findwide.com/?guid={FABB9A3B-020B-4955-9542-90B196036D71}&action=homepage_search
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-HA,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397164831&from=tugs&uid=ST1000DM003-1CH162_Z1D40V45XXXXZ1D40V45&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-GA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-GA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna06INJivsh2G3E3cxNldDxOYhfaTm0VoTfR1Fyh880rq5_QtbBE0LLMoKm__qdALwoUNoIRzGnAFCaA_9i-BWo_TRRd1rxU6O36efXrgoSzX-6DBKmeJ_BZeaoINuz-HA,,&q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: ScanTack -> {d332cff8-358e-4c9e-8af3-a08872ef22c1} -> C:\Program Files (x86)\ScanTack\ScanTackbho.dll (ScanTack)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: BonanzaDeals -> {fe063412-bea4-4d76-8ed3-183be6220d17} -> C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {CD0342DD-7582-4507-B58A-4C9EA18B13AA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default
FF DefaultSearchEngine: Conduit Search
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_114.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_114.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 -> C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: MediaPlayerplus - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-05-20]
FF Extension: Quick Start - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\quick_start@gmail.com [2014-05-21]
FF Extension: Shopping Helper Smartbar - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\{14895be1-6013-6314-fc5c-52690c3f821a} [2014-04-27]
FF Extension: Boost - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\boost@boost.net.xpi [2014-05-16]
FF Extension: Adblock Plus - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-27]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\shehzad\AppData\Roaming\Mozilla\Firefox\Profiles\8kejme6e.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
Chrome:
=======
CHR Extension: (BonanzaDeals) - C:\Users\shehzad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj [2014-08-19]
CHR Extension: (Skype Click to Call) - C:\Users\shehzad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-18]
CHR Extension: (Google Wallet) - C:\Users\shehzad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [dljhohhmfjfhgfhpgkfefjoojfobodhn] - C:\Program Files (x86)\Whilokii\dljhohhmfjfhgfhpgkfefjoojfobodhn.crx [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx [2013-10-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-23] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-23] (BonanzaDeals)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32288 2014-02-09] ()
S2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxee_device; C:\Windows\system32\lxeecoms.exe [1052328 2010-04-14] ( )
R2 lxee_device; C:\Windows\SysWOW64\lxeecoms.exe [598696 2010-04-14] ( )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SecurityCenterServer1376075522; C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [368640 2014-01-05] () [File not signed]
R2 Update ScanTack; C:\Program Files (x86)\ScanTack\updateScanTack.exe [317728 2014-05-30] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 {fed5e6b2-4fc4-43ba-8e95-001d959d8008}w64; C:\Windows\System32\drivers\{fed5e6b2-4fc4-43ba-8e95-001d959d8008}w64.sys [61112 2014-05-22] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-19 10:57 - 2014-08-19 10:57 - 00023114 _____ () C:\Users\shehzad\Desktop\FRST.txt
2014-08-19 10:56 - 2014-08-19 10:57 - 00000000 ____D () C:\FRST
2014-08-19 10:56 - 2014-08-19 10:56 - 02101760 _____ (Farbar) C:\Users\shehzad\Desktop\FRST64.exe
2014-08-19 10:10 - 2014-08-19 10:10 - 00003136 _____ () C:\Windows\System32\Tasks\{BF7A24A6-12B9-4E7A-9B74-D68A66471EF5}
2014-08-19 10:04 - 2014-08-19 10:04 - 00000384 _____ () C:\Windows\wininit.ini
2014-08-19 09:23 - 2014-08-19 09:23 - 00001399 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00001387 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-19 09:22 - 2014-08-19 10:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-19 09:22 - 2014-08-19 09:23 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-19 09:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-08-19 09:21 - 2014-08-19 09:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4.exe
2014-08-19 09:21 - 2014-08-19 09:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4 (1).exe
2014-08-18 20:52 - 2014-08-18 20:52 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\shehzad\Downloads\avira_de_av___ws.exe
2014-08-18 20:36 - 2014-08-18 20:37 - 00373256 _____ () C:\Windows\Minidump\081814-37237-01.dmp
2014-08-18 20:29 - 2014-08-18 20:30 - 01700736 _____ () C:\Windows\Minidump\081814-39577-01.dmp
2014-08-18 20:25 - 2014-08-18 20:27 - 194045080 _____ (Kaspersky Lab) C:\Users\shehzad\Downloads\pure13.0.2.558abcdDE_5372.exe
2014-08-18 20:19 - 2014-08-18 20:20 - 00013680 _____ () C:\Windows\diagwrn.xml
2014-08-18 20:19 - 2014-08-18 20:20 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-18 20:10 - 2014-08-18 20:10 - 00373528 _____ () C:\Windows\Minidump\081814-38547-01.dmp
2014-08-18 20:08 - 2014-08-18 20:08 - 00001080 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-08-18 19:25 - 2014-08-18 19:25 - 00640616 _____ () C:\Windows\Minidump\081814-23088-01.dmp
2014-08-18 19:16 - 2014-08-18 19:17 - 01700736 _____ () C:\Windows\Minidump\081814-27799-01.dmp
2014-08-18 19:06 - 2014-08-18 19:06 - 00373528 _____ () C:\Windows\Minidump\081814-28875-01.dmp
2014-08-18 18:07 - 2014-08-18 18:07 - 01044672 _____ () C:\Windows\Minidump\081814-36207-01.dmp
2014-08-18 17:30 - 2014-08-19 10:00 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 1376075522.job
2014-08-18 17:30 - 2014-08-18 17:30 - 00003828 _____ () C:\Windows\System32\Tasks\Security Center Update - 1376075522
2014-08-18 17:30 - 2014-08-18 17:30 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\Vodeka
2014-08-18 17:30 - 2014-01-05 16:34 - 00368640 _____ () C:\Windows\SysWOW64\haiwuruc.exe
2014-08-18 17:29 - 2014-08-18 17:29 - 00000000 ____D () C:\ProgramData\UhpeRfefh
2014-08-15 18:43 - 2014-08-15 18:43 - 00113815 _____ () C:\Users\shehzad\Downloads\Familienfuersorge Lebensversicherung Mail-Info 965294842-T-71.zip
2014-08-13 09:32 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 09:32 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 09:32 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 09:32 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 09:32 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 09:32 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 09:32 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 09:32 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 08:19 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 08:19 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 08:19 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 08:19 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 08:19 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 08:19 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 08:19 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 08:19 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 08:19 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 08:19 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 08:19 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 08:19 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 08:19 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 08:19 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 08:19 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 08:19 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 08:19 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 08:19 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 08:19 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 08:19 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 08:19 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 08:19 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 08:19 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 08:19 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 08:19 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 08:19 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 08:19 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 08:19 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 08:19 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 08:19 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 08:19 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 08:19 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 08:19 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 08:19 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 08:19 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 08:19 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 08:19 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 08:19 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 08:19 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 08:19 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 08:19 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 08:19 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 08:19 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 08:19 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 08:19 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 08:19 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 08:19 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 08:19 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 08:19 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 08:19 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 08:19 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 08:19 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 08:19 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 08:19 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 08:19 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 08:19 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 08:18 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 08:18 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 08:18 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 08:18 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 08:18 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 08:18 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 08:18 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 08:18 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 08:18 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 08:18 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 08:18 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 08:18 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 08:18 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 08:18 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 08:18 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 08:18 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 08:18 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 08:18 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 08:18 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 08:13 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 08:13 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 08:13 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 08:13 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 12:15 - 2014-08-12 12:15 - 00000601 _____ () C:\Users\shehzad\Downloads\umsatz-5232________6593-20140812.csv
2014-08-11 17:39 - 2014-08-17 14:34 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\Desktop\Geschichten
2014-08-11 17:36 - 2014-08-17 14:34 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\SoftGrid Client
2014-08-11 17:36 - 2014-08-11 17:36 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\SoftGrid Client
2014-08-11 17:30 - 2014-08-11 17:30 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\{F8077320-0BB0-414E-B46A-9C1AABE7B94C}
2014-08-11 17:22 - 2014-08-11 17:22 - 23647099 _____ () C:\Users\Sarah.shehzad-PC\Downloads\WestCoastNZIanRushton.themepack
2014-08-11 17:21 - 2014-08-11 17:21 - 05000883 _____ () C:\Users\Sarah.shehzad-PC\Downloads\BeautyHongKongWilsonAu.themepack
2014-08-11 17:18 - 2014-08-11 17:18 - 15412792 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Hawaii.themepack
2014-08-11 17:17 - 2014-08-11 17:17 - 10212996 _____ () C:\Users\Sarah.shehzad-PC\Downloads\PanoramicWaves.deskthemepack
2014-08-11 17:17 - 2014-08-11 17:17 - 03391991 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Brazil.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 17781878 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Rainbows.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 14012484 _____ () C:\Users\Sarah.shehzad-PC\Downloads\SaltLakesDeadSea.themepack
2014-08-11 17:14 - 2014-08-11 17:14 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah.shehzad-PC\Downloads\DefaultPack.EXE
2014-08-11 17:13 - 2014-08-11 17:13 - 02877643 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Lovebirds.themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy (1).themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (2).themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers.themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers (1).themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy.themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (1).themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Avira
2014-08-11 17:04 - 2014-08-11 17:04 - 00001429 _____ () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-11 17:04 - 2014-08-11 17:04 - 00000020 ___SH () C:\Users\Sarah.shehzad-PC\ntuser.ini
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Vorlagen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Startmenü
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Netzwerkumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Lokale Einstellungen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Eigene Dateien
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Druckumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Musik
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Bilder
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Verlauf
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Adobe
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\Power2Go
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\AMD
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC
2014-08-11 17:04 - 2014-03-30 12:10 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\Google
2014-08-11 17:04 - 2014-03-12 15:28 - 00090936 _____ () C:\Users\Sarah.shehzad-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-11 17:04 - 2011-06-28 01:41 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover
2014-08-11 17:04 - 2011-06-28 01:38 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveEditor
2014-08-11 17:04 - 2011-02-10 22:48 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Macromedia
2014-08-11 17:04 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-11 17:04 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-11 11:47 - 2014-08-11 11:48 - 12632044 _____ () C:\Users\Sarah\Downloads\Calligraphy.themepack
2014-08-11 11:47 - 2014-08-11 11:47 - 16501035 _____ () C:\Users\Sarah\Downloads\NYCityscapesJohnnyWLam.themepack
2014-08-11 11:46 - 2014-08-11 11:46 - 07122824 _____ () C:\Users\Sarah\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 11:45 - 2014-08-11 11:46 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack (1).EXE
2014-08-11 11:45 - 2014-08-11 11:45 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack.EXE
2014-08-07 17:34 - 2014-08-07 17:35 - 01101648 _____ () C:\Users\shehzad\Downloads\CHIP MP3 Converter for YouTube - CHIP-Installer.exe
2014-08-05 11:10 - 2014-08-05 11:10 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\InstallShield
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{AB42A2CD-DFB9-462B-9843-26E87BDEC644}
2014-08-01 21:43 - 2014-08-01 21:44 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{900D8FF8-BE35-42B7-98D0-7F902D36CB94}
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieUserList
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieSiteList
2014-08-01 11:41 - 2014-08-01 11:41 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Avira
2014-08-01 11:37 - 2014-08-01 11:37 - 00000000 ____D () C:\Users\Sarah\AppData\Local\AMD
2014-08-01 11:36 - 2014-08-01 11:36 - 00001429 _____ () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\ATI
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Power2Go
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\ATI
2014-08-01 11:35 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah
2014-08-01 11:35 - 2014-08-01 11:35 - 00000020 ___SH () C:\Users\Sarah\ntuser.ini
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Vorlagen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Startmenü
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Netzwerkumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Lokale Einstellungen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Eigene Dateien
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Druckumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Musik
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Bilder
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Verlauf
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Anwendungsdaten
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Anwendungsdaten
2014-08-01 11:35 - 2014-03-30 12:10 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Google
2014-08-01 11:35 - 2014-03-12 15:28 - 00090936 _____ () C:\Users\Sarah\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-01 11:35 - 2011-06-28 01:41 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover
2014-08-01 11:35 - 2011-06-28 01:38 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveEditor
2014-08-01 11:35 - 2011-02-10 22:48 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Macromedia
2014-08-01 11:35 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-01 11:35 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-29 13:19 - 2014-07-29 13:19 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{96EF72E1-2343-4D24-8250-7066177309E4}
2014-07-27 16:54 - 2014-07-27 16:54 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{20796B98-8A1E-417C-B3CC-CABBED48B3D2}
2014-07-25 14:00 - 2014-07-25 14:00 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{C5C32DFF-B1EA-46A4-A865-E74AF662A63E}
2014-07-20 20:14 - 2014-07-20 20:14 - 00978687 _____ () C:\ProgramData\SPLDC0.tmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-19 10:57 - 2014-08-19 10:57 - 00023114 _____ () C:\Users\shehzad\Desktop\FRST.txt
2014-08-19 10:57 - 2014-08-19 10:56 - 00000000 ____D () C:\FRST
2014-08-19 10:56 - 2014-08-19 10:56 - 02101760 _____ (Farbar) C:\Users\shehzad\Desktop\FRST64.exe
2014-08-19 10:40 - 2013-10-09 12:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 10:31 - 2014-05-25 14:31 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {1DB6657B-232F-495A-B46A-89F94D0B7CE5}.job
2014-08-19 10:27 - 2013-10-23 13:21 - 00000928 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2014-08-19 10:10 - 2014-08-19 10:10 - 00003136 _____ () C:\Windows\System32\Tasks\{BF7A24A6-12B9-4E7A-9B74-D68A66471EF5}
2014-08-19 10:10 - 2014-03-19 09:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-19 10:04 - 2014-08-19 10:04 - 00000384 _____ () C:\Windows\wininit.ini
2014-08-19 10:04 - 2014-08-19 09:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-19 10:04 - 2014-04-14 22:03 - 00000282 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-08-19 10:00 - 2014-08-18 17:30 - 00000812 _____ () C:\Windows\Tasks\Security Center Update - 1376075522.job
2014-08-19 09:24 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 09:24 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 09:23 - 2014-08-19 09:23 - 00001399 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00001387 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-19 09:23 - 2014-08-19 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-19 09:23 - 2014-08-19 09:22 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-19 09:22 - 2014-08-19 09:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4.exe
2014-08-19 09:22 - 2014-08-19 09:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\shehzad\Downloads\spybot-2.4 (1).exe
2014-08-19 09:20 - 2013-10-09 21:52 - 01583736 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 09:19 - 2014-04-17 08:40 - 00000000 ____D () C:\Users\shehzad\AppData\Local\fst_de_1
2014-08-19 09:16 - 2014-04-10 23:21 - 00003126 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00002198 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00001508 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00001430 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1.job
2014-08-19 09:16 - 2014-04-10 23:21 - 00001418 _____ () C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.job
2014-08-19 09:16 - 2013-10-23 13:21 - 00000924 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2014-08-19 09:16 - 2013-10-09 21:17 - 00170065 _____ () C:\ProgramData\lxeescan.log
2014-08-19 09:16 - 2013-10-09 12:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-19 09:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-19 09:15 - 2009-07-14 06:51 - 00007294 _____ () C:\Windows\setupact.log
2014-08-19 09:01 - 2009-07-14 06:45 - 00378432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-18 23:37 - 2011-02-10 21:25 - 00699634 _____ () C:\Windows\system32\perfh007.dat
2014-08-18 23:37 - 2011-02-10 21:25 - 00149516 _____ () C:\Windows\system32\perfc007.dat
2014-08-18 23:37 - 2009-07-14 07:13 - 01621276 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-18 20:52 - 2014-08-18 20:52 - 04574968 _____ (Avira Operations GmbH & Co. KG) C:\Users\shehzad\Downloads\avira_de_av___ws.exe
2014-08-18 20:37 - 2014-08-18 20:36 - 00373256 _____ () C:\Windows\Minidump\081814-37237-01.dmp
2014-08-18 20:36 - 2014-04-15 18:11 - 617677318 _____ () C:\Windows\MEMORY.DMP
2014-08-18 20:36 - 2014-04-15 18:11 - 00000000 ____D () C:\Windows\Minidump
2014-08-18 20:30 - 2014-08-18 20:29 - 01700736 _____ () C:\Windows\Minidump\081814-39577-01.dmp
2014-08-18 20:27 - 2014-08-18 20:25 - 194045080 _____ (Kaspersky Lab) C:\Users\shehzad\Downloads\pure13.0.2.558abcdDE_5372.exe
2014-08-18 20:20 - 2014-08-18 20:19 - 00013680 _____ () C:\Windows\diagwrn.xml
2014-08-18 20:20 - 2014-08-18 20:19 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-18 20:19 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-18 20:10 - 2014-08-18 20:10 - 00373528 _____ () C:\Windows\Minidump\081814-38547-01.dmp
2014-08-18 20:08 - 2014-08-18 20:08 - 00001080 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-08-18 20:08 - 2014-02-08 23:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 20:08 - 2014-02-08 23:22 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 20:07 - 2014-02-08 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 19:25 - 2014-08-18 19:25 - 00640616 _____ () C:\Windows\Minidump\081814-23088-01.dmp
2014-08-18 19:17 - 2014-08-18 19:16 - 01700736 _____ () C:\Windows\Minidump\081814-27799-01.dmp
2014-08-18 19:06 - 2014-08-18 19:06 - 00373528 _____ () C:\Windows\Minidump\081814-28875-01.dmp
2014-08-18 18:07 - 2014-08-18 18:07 - 01044672 _____ () C:\Windows\Minidump\081814-36207-01.dmp
2014-08-18 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-18 17:30 - 2014-08-18 17:30 - 00003828 _____ () C:\Windows\System32\Tasks\Security Center Update - 1376075522
2014-08-18 17:30 - 2014-08-18 17:30 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\Vodeka
2014-08-18 17:29 - 2014-08-18 17:29 - 00000000 ____D () C:\ProgramData\UhpeRfefh
2014-08-18 12:40 - 2014-06-25 16:07 - 00001471 _____ () C:\Users\alisha\Desktop\Play Now Radio.lnk
2014-08-18 09:41 - 2013-10-10 21:13 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\Skype
2014-08-17 23:22 - 2013-10-09 13:04 - 00000000 ____D () C:\Users\shehzad\AppData\Roaming\SoftGrid Client
2014-08-17 19:24 - 2013-10-09 21:28 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-08-17 19:01 - 2014-02-18 22:33 - 00000492 _____ () C:\ProgramData\lxeeDiagnostics.log
2014-08-17 14:34 - 2014-08-11 17:39 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\Desktop\Geschichten
2014-08-17 14:34 - 2014-08-11 17:36 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\SoftGrid Client
2014-08-16 08:44 - 2013-10-09 12:57 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 18:43 - 2014-08-15 18:43 - 00113815 _____ () C:\Users\shehzad\Downloads\Familienfuersorge Lebensversicherung Mail-Info 965294842-T-71.zip
2014-08-14 19:10 - 2014-03-19 09:56 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-14 19:10 - 2014-03-19 09:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-14 19:10 - 2011-06-28 01:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-14 12:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-13 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 09:44 - 2013-10-17 16:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 09:37 - 2011-02-10 22:56 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 09:32 - 2014-05-06 18:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-12 12:15 - 2014-08-12 12:15 - 00000601 _____ () C:\Users\shehzad\Downloads\umsatz-5232________6593-20140812.csv
2014-08-11 17:36 - 2014-08-11 17:36 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\SoftGrid Client
2014-08-11 17:30 - 2014-08-11 17:30 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\{F8077320-0BB0-414E-B46A-9C1AABE7B94C}
2014-08-11 17:22 - 2014-08-11 17:22 - 23647099 _____ () C:\Users\Sarah.shehzad-PC\Downloads\WestCoastNZIanRushton.themepack
2014-08-11 17:21 - 2014-08-11 17:21 - 05000883 _____ () C:\Users\Sarah.shehzad-PC\Downloads\BeautyHongKongWilsonAu.themepack
2014-08-11 17:18 - 2014-08-11 17:18 - 15412792 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Hawaii.themepack
2014-08-11 17:17 - 2014-08-11 17:17 - 10212996 _____ () C:\Users\Sarah.shehzad-PC\Downloads\PanoramicWaves.deskthemepack
2014-08-11 17:17 - 2014-08-11 17:17 - 03391991 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Brazil.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 17781878 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Rainbows.themepack
2014-08-11 17:16 - 2014-08-11 17:16 - 14012484 _____ () C:\Users\Sarah.shehzad-PC\Downloads\SaltLakesDeadSea.themepack
2014-08-11 17:14 - 2014-08-11 17:14 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah.shehzad-PC\Downloads\DefaultPack.EXE
2014-08-11 17:13 - 2014-08-11 17:13 - 02877643 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Lovebirds.themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy (1).themepack
2014-08-11 17:12 - 2014-08-11 17:12 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (2).themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers.themepack
2014-08-11 17:11 - 2014-08-11 17:11 - 04396799 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Tigers (1).themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 12632044 _____ () C:\Users\Sarah.shehzad-PC\Downloads\Calligraphy.themepack
2014-08-11 17:10 - 2014-08-11 17:10 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast (1).themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 07122824 _____ () C:\Users\Sarah.shehzad-PC\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 17:09 - 2014-08-11 17:09 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Avira
2014-08-11 17:04 - 2014-08-11 17:04 - 00001429 _____ () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-11 17:04 - 2014-08-11 17:04 - 00000020 ___SH () C:\Users\Sarah.shehzad-PC\ntuser.ini
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Vorlagen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Startmenü
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Netzwerkumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Lokale Einstellungen
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Eigene Dateien
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Druckumgebung
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Musik
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Documents\Eigene Bilder
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Verlauf
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\AppData\Local\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 _SHDL () C:\Users\Sarah.shehzad-PC\Anwendungsdaten
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Roaming\Adobe
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\Power2Go
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\ATI
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC\AppData\Local\AMD
2014-08-11 17:04 - 2014-08-11 17:04 - 00000000 ____D () C:\Users\Sarah.shehzad-PC
2014-08-11 11:48 - 2014-08-11 11:47 - 12632044 _____ () C:\Users\Sarah\Downloads\Calligraphy.themepack
2014-08-11 11:47 - 2014-08-11 11:47 - 16501035 _____ () C:\Users\Sarah\Downloads\NYCityscapesJohnnyWLam.themepack
2014-08-11 11:46 - 2014-08-11 11:46 - 07122824 _____ () C:\Users\Sarah\Downloads\LightPaintingLayonerBeast.themepack
2014-08-11 11:46 - 2014-08-11 11:45 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack (1).EXE
2014-08-11 11:45 - 2014-08-11 11:45 - 09607304 _____ (Microsoft Corporation) C:\Users\Sarah\Downloads\DefaultPack.EXE
2014-08-08 20:26 - 2014-04-27 14:48 - 00654336 ___SH () C:\Users\shehzad\Downloads\Thumbs.db
2014-08-07 17:35 - 2014-08-07 17:34 - 01101648 _____ () C:\Users\shehzad\Downloads\CHIP MP3 Converter for YouTube - CHIP-Installer.exe
2014-08-07 14:20 - 2013-10-10 21:12 - 00000000 ____D () C:\ProgramData\Skype
2014-08-07 04:06 - 2014-08-13 08:13 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 08:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 11:10 - 2014-08-05 11:10 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\InstallShield
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{AB42A2CD-DFB9-462B-9843-26E87BDEC644}
2014-08-01 21:44 - 2014-08-01 21:43 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{900D8FF8-BE35-42B7-98D0-7F902D36CB94}
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieUserList
2014-08-01 18:13 - 2014-08-01 18:13 - 00000000 __SHD () C:\Users\Sarah\AppData\Local\EmieSiteList
2014-08-01 11:41 - 2014-08-01 11:41 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Avira
2014-08-01 11:37 - 2014-08-01 11:37 - 00000000 ____D () C:\Users\Sarah\AppData\Local\AMD
2014-08-01 11:36 - 2014-08-01 11:36 - 00001429 _____ () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\ATI
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Adobe
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\Power2Go
2014-08-01 11:36 - 2014-08-01 11:36 - 00000000 ____D () C:\Users\Sarah\AppData\Local\ATI
2014-08-01 11:36 - 2014-08-01 11:35 - 00000000 ____D () C:\Users\Sarah
2014-08-01 11:35 - 2014-08-01 11:35 - 00000020 ___SH () C:\Users\Sarah\ntuser.ini
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Vorlagen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Startmenü
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Netzwerkumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Lokale Einstellungen
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Eigene Dateien
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Druckumgebung
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Musik
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Documents\Eigene Bilder
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Verlauf
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\AppData\Local\Anwendungsdaten
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 _SHDL () C:\Users\Sarah\Anwendungsdaten
2014-08-01 01:41 - 2014-08-13 08:19 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 08:19 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 22:06 - 2014-05-30 20:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-29 13:19 - 2014-07-29 13:19 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{96EF72E1-2343-4D24-8250-7066177309E4}
2014-07-27 16:54 - 2014-07-27 16:54 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{20796B98-8A1E-417C-B3CC-CABBED48B3D2}
2014-07-27 10:02 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-25 16:52 - 2014-08-13 08:19 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-13 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 08:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 08:19 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 08:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 08:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-13 08:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-13 08:19 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 08:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 08:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 08:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 08:19 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 08:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-13 08:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-13 08:19 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 08:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 08:19 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 08:19 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 08:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 08:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 08:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 08:19 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 08:19 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 08:19 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 08:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 08:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-13 08:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-13 08:19 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 08:19 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-13 08:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-13 08:19 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 08:19 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 14:00 - 2014-07-25 14:00 - 00000000 ____D () C:\Users\shehzad\AppData\Local\{C5C32DFF-B1EA-46A4-A865-E74AF662A63E}
2014-07-25 13:52 - 2014-08-13 08:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 08:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 08:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 08:19 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 08:19 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 08:19 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 08:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 08:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 08:19 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 08:19 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 08:19 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 08:19 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 08:19 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 08:19 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 08:19 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 08:19 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 08:19 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 08:19 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 08:19 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 08:19 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-20 20:14 - 2014-07-20 20:14 - 00978687 _____ () C:\ProgramData\SPLDC0.tmp
Some content of TEMP:
====================
C:\Users\alisha\AppData\Local\Temp\avgnt.exe
C:\Users\alisha\AppData\Local\Temp\drm_dialogs.dll
C:\Users\alisha\AppData\Local\Temp\drm_dyndata_7320010.dll
C:\Users\Sarah\AppData\Local\Temp\avgnt.exe
C:\Users\Sarah.shehzad-PC\AppData\Local\Temp\avgnt.exe
C:\Users\shehzad\AppData\Local\Temp\avgnt.exe
C:\Users\shehzad\AppData\Local\Temp\VP6Install.exe
C:\Users\shehzad\AppData\Local\Temp\VP6VFW.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 00:46
==================== End Of Log ============================
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by shehzad at 2014-08-19 10:58:17
Running from C:\Users\shehzad\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.114 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.684.213 - Advanced Micro Devices Inc.) Hidden
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2011.0707.2346.40825 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60707.2331 - ATI Technologies Inc.) Hidden
ATI AVIVO64 Codecs (Version: 11.6.0.10707 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{B72CAB06-4420-F4D1-AFBB-AF9093D3D237}) (Version: 3.0.833.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
ccc-utility64 (Version: 2011.0707.2346.40825 - ATI) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Lexmark Pro700 Series (HKLM\...\Lexmark Pro700 Series) (Version: - Lexmark International, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ScanTack (HKLM\...\ScanTack) (Version: 2014.05.30.150643 - ScanTack) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Total Uninstall 6.4.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.4.1 - Gavrila Martau)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-08-2014 07:45:12 Geplanter Prüfpunkt
13-08-2014 06:11:53 Windows Update
13-08-2014 07:31:55 Windows Update
13-08-2014 22:58:41 Windows Update
19-08-2014 06:15:23 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {086B95EC-772B-46F8-9998-CA84BFB4E4E6} - System32\Tasks\{AB159400-B175-49A2-94DD-122F7F00803B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {09A46B40-F55B-449A-BBD6-2C29B7A02BF8} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-23] (BonanzaDeals) <==== ATTENTION
Task: {2391C03B-B2B2-433B-AE53-CAF315333589} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-24] (Uniblue Systems Limited)
Task: {245BD3E0-0A38-4C22-A067-00BEFBF3AF4D} - System32\Tasks\{7FAC5E21-9611-4111-9AD0-9D97CADFEF1A} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Burning Studio\burningstudio.exe [2010-03-19] ()
Task: {2AEF6088-AABA-49F3-8B53-6F6E08D932E5} - System32\Tasks\Price Meter Updater => C:\Users\shehzad\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {2F02C421-B7DE-423A-BF8C-9F80036F12B2} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe <==== ATTENTION
Task: {304F45BD-2640-46D9-B248-7E91A6C1D676} - System32\Tasks\Play Now Radio => C:\Users\alisha\AppData\Local\playnowradio\playnowradio\1.3.4.22\playnowradio.exe [2014-03-06] (Pay By Ads LTD)
Task: {31FB817F-2FC0-415B-B5CA-E0EE0CDDC864} - System32\Tasks\UpdaterEX => C:\Users\shehzad\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {3200EDFD-2EEA-4B46-B877-0ABE70B9FFC2} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-23] (BonanzaDeals) <==== ATTENTION
Task: {327513AD-B4F9-44A8-B435-0717FB6DB6BE} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {341323E9-DF92-4EEA-BE92-505AB3D9F4B6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {4D41B39E-F182-4EAE-BFDE-180313AC2DD7} - System32\Tasks\Security Center Update - 1376075522 => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe [2014-01-05] ()
Task: {4EA0FF40-41E3-4EFD-BA67-6D0AE8749039} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-09] (Google Inc.)
Task: {5187A258-5AA6-4BF4-BA54-8A2A814D0600} - System32\Tasks\{52AFAD36-978D-4DB5-9133-31C5BBBB3A9E} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Optimizer\photooptimizer.exe [2010-08-27] ()
Task: {532F9F3C-359F-46DC-B432-CCAE93BF3618} - System32\Tasks\{7DCD380B-BDDC-4D3C-BBB0-9E05D0B393DD} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {5D8E38BA-48DA-431A-AC31-2A100B09E11D} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.exe <==== ATTENTION
Task: {6823D1BE-37A5-4453-81BB-5875424FFE58} - System32\Tasks\{6E6F044E-E1C1-48C5-8846-C98A6C6FF79F} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Commander\apc.exe [2010-03-16] (ashampoo GmbH & Co. KG)
Task: {68C643DA-560C-4058-BF85-A21016BBCAF8} - System32\Tasks\{B311DB15-409C-4F5C-A2CA-3B96D0E9B8B3} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7CD7EA51-3752-413A-8777-F226BD217065} - System32\Tasks\{F9FF6C01-0F77-4892-90C1-AB11BA9A8473} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7FB3FC1A-9834-4E66-B6D0-AD2F6F35F92C} - System32\Tasks\{C3BFF0CF-95D8-4225-8394-302BDEAC466F} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Snap\ashsnap.exe [2010-03-20] (ashampoo GmbH & Co. KG)
Task: {972D1880-A511-4429-B032-2831AA653B9F} - System32\Tasks\{351A3EDF-51A8-4161-B94C-89F4378A7A26} => C:\Program Files (x86)\Flash Player Pro\Flash Player Pro.exe
Task: {A180C3BE-BEA5-4087-B299-0AD0742565A2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {AB067E2C-2D59-4792-AEA7-93A327E00451} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-14] (Adobe Systems Incorporated)
Task: {AC92E9BF-6D2B-4A32-886C-355E339224BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-09] (Google Inc.)
Task: {BC4C52EA-90B6-4908-A357-2E7C4015E94A} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe <==== ATTENTION
Task: {C4EFD966-1A90-4852-ADEF-90CD7494C73C} - System32\Tasks\{7F6C8D6A-E32F-45D7-B3BC-249B17FAB4C4} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Optimizer\photooptimizer.exe [2010-08-27] ()
Task: {C8A99DFA-96D1-400C-8C1A-D8A12CCB5AB1} - System32\Tasks\{25253F42-D79C-4472-AF27-D41A3824C54D} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Commander\apc.exe [2010-03-16] (ashampoo GmbH & Co. KG)
Task: {CB91BCB8-2627-4EB3-9EDC-E6D3EABD0DAA} - System32\Tasks\{C6C20EFD-3F5D-4974-A65A-EF9F37C21E87} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.60.106/de/eula
Task: {D5654A96-C6E5-4193-BEEC-CD6C1E229855} - System32\Tasks\FF Watcher {1DB6657B-232F-495A-B46A-89F94D0B7CE5} => C:\Program Files\V-bates\PrefHelper.exe
Task: {DABEEC72-2BD2-4E20-BE0B-3219A53931DE} - System32\Tasks\{F9DF7985-8072-4D9B-8A2D-6F3FC176F73B} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2010-09-29] (ATI Technologies Inc.)
Task: {DBAB8BC7-8391-4A21-9603-35F84C745E33} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {DC45EE92-694F-499D-9936-4E79967B4AC3} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4 => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe <==== ATTENTION
Task: {E813E246-C5F7-43B4-AB05-4D5C3BE79134} - System32\Tasks\{DD6357C3-9F85-4003-83FE-5EA5E4094F54} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {ECFED13C-77B7-4525-BE1B-2D476C34AB5B} - System32\Tasks\{D7523B32-B93F-4528-9BF6-EFA32E0EF58D} => C:\Program Files (x86)\Medion MediaPack\Ashampoo Photo Optimizer\photooptimizer.exe [2010-08-27] ()
Task: {F290E9C5-55DB-40AA-9AD4-79E5EB43B5FB} - System32\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: {F294E5FA-4CE9-454F-B3DA-2B420CEAB505} - System32\Tasks\pricemeterdownloader => C:\Users\shehzad\AppData\Local\PriceMeter\pricemeterd.exe
Task: {FB2F5B85-9BE2-4898-8F8D-A64DC93D0A26} - System32\Tasks\{DC04D699-98E2-4552-9CA2-E168BBA0723B} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {FF008A85-FAAB-42B3-9C6E-6E0A28109C87} - System32\Tasks\{60C667F5-2886-4333-863B-AC1AE3BECC4F} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.job => C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\FF Watcher {1DB6657B-232F-495A-B46A-89F94D0B7CE5}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Price Meter Updater.job => C:\Users\shehzad\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 1376075522.job => C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\shehzad\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-10-09 21:28 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeedrpp.dll
2011-07-08 08:36 - 2011-07-08 08:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00032288 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-04-17 08:40 - 2014-04-08 11:08 - 03267536 _____ () C:\Users\shehzad\AppData\Local\fst_de_1\upfst_de_1.exe
2014-02-08 23:02 - 2013-01-30 16:25 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
2014-02-08 23:02 - 2013-01-30 16:25 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
2014-01-05 16:34 - 2014-01-05 16:34 - 00368640 _____ () C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exe
2014-02-09 12:41 - 2014-04-29 11:17 - 00023072 _____ () C:\Program Files (x86)\LPT\srptm.exe
2011-07-08 08:36 - 2011-07-08 08:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-07-08 08:44 - 2011-07-08 08:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-12-16 11:42 - 2009-12-16 11:42 - 00205824 _____ () C:\Program Files\Lexmark\Pro700 Series\lxeemicro.dll
2010-04-01 17:30 - 2010-04-01 17:30 - 01558528 _____ () C:\Program Files\Lexmark\Pro700 Series\lxeedrs64.dll
2009-03-10 05:44 - 2009-03-10 05:44 - 00015360 _____ () C:\Program Files\Lexmark\Pro700 Series\lxeecaps64.dll
2014-05-30 17:06 - 2014-05-30 17:06 - 00317728 _____ () C:\Program Files (x86)\ScanTack\updateScanTack.exe
2014-02-09 12:41 - 2014-02-09 12:41 - 00070176 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00022048 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-02-09 12:41 - 2014-02-09 12:41 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-02-08 23:02 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeescw.dll
2014-02-08 23:02 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeedatr.dll
2014-02-08 23:02 - 2009-05-27 08:13 - 00081920 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecats.dll
2014-02-08 23:02 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeDRS.dll
2014-02-08 23:02 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecaps.dll
2009-02-20 08:48 - 2009-02-20 08:48 - 00381440 _____ () C:\Windows\system32\lxeesm.dll
2009-04-28 07:56 - 2009-04-28 07:56 - 00024064 _____ () C:\Windows\system32\lxeesmr.dll
2014-02-08 23:02 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epwizard.DLL
2014-02-08 23:02 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\customui.dll
2014-02-08 23:02 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Eputil.DLL
2014-02-08 23:02 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Imagutil.DLL
2014-02-08 23:02 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epfunct.DLL
2014-02-08 23:02 - 2009-06-23 07:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPWizRes.dll
2014-02-08 23:02 - 2009-06-23 07:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\epstring.dll
2014-02-08 23:02 - 2009-06-23 07:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPOEMDll.dll
2014-02-08 23:02 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\iptk.dll
2014-02-08 23:02 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeptp.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-02-09 12:41 - 2014-04-29 11:18 - 00057888 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00066080 _____ () C:\Program Files (x86)\LPT\sppsm.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00155680 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00027168 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00165920 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00044064 _____ () C:\Program Files (x86)\LPT\srbu.dll
2014-04-14 22:03 - 2014-04-14 22:03 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00021880 _____ () C:\Program Files (x86)\LPT\srpdm.dll
2014-02-09 12:41 - 2014-04-29 11:17 - 00039456 _____ () C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 08:43 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-19 09:22 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-19 09:22 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-19 09:22 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-19 09:22 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-19 09:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-16 08:44 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2014 10:09:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDScan.exe, Version 2.4.40.181 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b38
Startzeit: 01cfbb7ea92337a6
Endzeit: 79
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Berichts-ID: 0d980617-2778-11e4-b808-8c89a557884c
Error: (08/19/2014 09:21:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01e54909
ID des fehlerhaften Prozesses: 0x34c
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Error: (08/19/2014 09:17:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Name des fehlerhaften Moduls: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000042b5
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xpiarudx.exe0
Pfad der fehlerhaften Anwendung: piarudx.exe1
Pfad des fehlerhaften Moduls: piarudx.exe2
Berichtskennung: piarudx.exe3
Error: (08/19/2014 08:16:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53d75949
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.17239, Zeitstempel: 0x53d26078
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00136cef
ID des fehlerhaften Prozesses: 0x850
Startzeit der fehlerhaften Anwendung: 0xpiarudx.exe0
Pfad der fehlerhaften Anwendung: piarudx.exe1
Pfad des fehlerhaften Moduls: piarudx.exe2
Berichtskennung: piarudx.exe3
Error: (08/19/2014 08:13:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00624909
ID des fehlerhaften Prozesses: 0x1b70
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Error: (08/18/2014 11:28:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01eb4909
ID des fehlerhaften Prozesses: 0xad0
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Error: (08/18/2014 09:26:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00314909
ID des fehlerhaften Prozesses: 0x16fc
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Error: (08/18/2014 09:21:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Name des fehlerhaften Moduls: piarudx.exe, Version: 0.0.0.0, Zeitstempel: 0x53f2109a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000042b5
ID des fehlerhaften Prozesses: 0xb28
Startzeit der fehlerhaften Anwendung: 0xpiarudx.exe0
Pfad der fehlerhaften Anwendung: piarudx.exe1
Pfad des fehlerhaften Moduls: piarudx.exe2
Berichtskennung: piarudx.exe3
Error: (08/18/2014 08:19:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00524909
ID des fehlerhaften Prozesses: 0x1714
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Error: (08/18/2014 07:54:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.5.13, Zeitstempel: 0x532807b9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01e24909
ID des fehlerhaften Prozesses: 0x1674
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
System errors:
=============
Error: (08/19/2014 10:14:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 10:14:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 10:13:04 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 10:04:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wpm Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 09:47:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 09:47:45 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/19/2014 09:47:45 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (08/19/2014 10:09:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDScan.exe2.4.40.1811b3801cfbb7ea92337a679C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe0d980617-2778-11e4-b808-8c89a557884c
Error: (08/19/2014 09:21:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000501e5490934c01cfbb7e2ab0b594C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown69b9d7f8-2771-11e4-b808-8c89a557884c
Error: (08/19/2014 09:17:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: piarudx.exe0.0.0.053f2109apiarudx.exe0.0.0.053f2109ac0000005000042b5b2c01cfbb7d76fd9845C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exeC:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exed21fab15-2770-11e4-b808-8c89a557884c
Error: (08/19/2014 08:16:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: piarudx.exe0.0.0.053d75949mshtml.dll11.0.9600.1723953d26078c000000500136cef85001cfbb74adad2826C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exeC:\Windows\SysWOW64\mshtml.dll633d97ba-2768-11e4-9915-8c89a557884c
Error: (08/19/2014 08:13:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c0000005006249091b7001cfbb74a6186edcC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknownea7d1b14-2767-11e4-9915-8c89a557884c
Error: (08/18/2014 11:28:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000501eb4909ad001cfbb2b4d89856cC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown8cff1881-271e-11e4-aa6c-742f6817a37b
Error: (08/18/2014 09:26:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c00000050031490916fc01cfbb1a4509760fC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown838ec084-270d-11e4-8f58-8c89a557884c
Error: (08/18/2014 09:21:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: piarudx.exe0.0.0.053f2109apiarudx.exe0.0.0.053f2109ac0000005000042b5b2801cfbb1990a6e510C:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exeC:\Users\shehzad\AppData\Roaming\Vodeka\piarudx.exee6d85b11-270c-11e4-8f58-8c89a557884c
Error: (08/18/2014 08:19:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000500524909171401cfbb10de70168dC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknown21a0316f-2704-11e4-bca3-742f6817a37b
Error: (08/18/2014 07:54:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jucheck.exe2.8.5.13532807b9unknown0.0.0.000000000c000000501e24909167401cfbb0d72342cdeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeunknownb1a03a72-2700-11e4-815f-742f6817a37b
CodeIntegrity Errors:
===================================
Date: 2014-02-07 09:39:07.504
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-07 09:39:07.502
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-07 09:39:07.500
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-07 09:39:07.478
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-07 09:39:07.476
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-07 09:39:07.474
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-05 16:30:47.329
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-05 16:30:47.329
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-05 16:30:47.329
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-05 16:30:47.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD A8-3800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 52%
Total physical RAM: 3576.13 MB
Available physical RAM: 1705.91 MB
Total Pagefile: 7150.45 MB
Available Pagefile: 4015.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:890.41 GB) (Free:829.74 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:19.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5183A2EF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=890.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
|
So funktioniert es:
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 