Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 10.08.2014, 11:13   #1
trokj
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry



Hallo zusammen,

Habe mir bei der Suche nach Treibern "SpeedUpMyComputer / FixMyRegistry" runtergeladen und installiert.

Nun habe ich versucht die Programme zu löschen aber es geht leider nicht.
Wenn ich SpeedUpMyComputer deinstalliere, installiert es sich automatisch das FixMyRegistry

Und wenn ich FixMyRegistry deinstalliere installiert es automatisch das SpeedUpMyComputer.
----------

Ich bin gleich zu diesem Board geganen -- also keine eigenen Versuche unternommen. Denn mein Norton-Virenscanner ist seit einiger Zeit ausgeschaltet (Subscription nicht verlängert). Die Vorbereitungschritte habe ich für die Hilfe-Anfrage durchgeführt, wie in der Checkliste beschrieben -- die logfile-Texte sind unten angehängt.

Bemerkung:
ich werde mein Bertriebssystem von Win XP auf Win 8.1 upgraden. Muss aber die vorhandenen Dateien migrieren, die jetzt mit dieser Malware befallen sind. Somit kann ich die Harddisk nicht einfach formtieren.

Bitte um Hilfe.

Herzlichen Danke im vorraus



FRST
Zitat

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:9-08-2014 01
Ran by Administrator (administrator) on DEBRECEN on 10-08-2014 08:00:57
Running from C:\Documents and Settings\Administrator\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\Program Files\LPT\srpts.exe
(Speedchecker) C:\Program Files\Internet Speed Checker\554c9551-b337-43c8-ab01-4f36dcfd520a.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ColorNavigator\ColorNavigatorAgent.exe
() C:\WINDOWS\SMINST\Scheduler.exe
() C:\Program Files\LPT\srptsl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\LPT\srptm.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\UniColor Pro\ucpro.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(TomTom) C:\Program Files\TomTom HOME 2\HOMERunner.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ScreenSlicer\ESCSlicer.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\WINDOWS\system32\MDM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Speedchecker) C:\Program Files\Internet Speed Checker\Internet Speed Checker-bg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UnoColor Pro] => C:\Program Files\EIZO\UniColor Pro\ucpro.exe [2712872 2009-04-10] (EIZO NANAO CORPORATION)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\HOMERunner.exe [202088 2008-05-06] (TomTom)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [RegistryBooster] => "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734312 2014-07-30] (Google)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UpdateMyDrivers] => C:\Program Files\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [SpeedUpMyComputer] => C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [FixMyRegistry] => C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe [1886840 2014-05-26] ()
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\MountPoints2: {2f3e41f9-a9a0-11df-87ef-002481ed8efc} - L:\InstallTomTomHOME.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO EasyPIX.lnk
ShortcutTarget: EIZO EasyPIX.lnk -> C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe (EIZO NANAO CORPORATION)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO ScreenSlicer.lnk
ShortcutTarget: EIZO ScreenSlicer.lnk -> C:\WINDOWS\Installer\{292A177D-723F-4537-9985-BC8BFCD8B63D}\ESCSlicer.exe1_87A06423E78E426E924121140A36B659.exe (Macrovision Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=55&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ch&c=91&bd=all&pf=cmws
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=58&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=58&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&q={searchTerms}&SSPV=
BHO: Internet Speed Checker -> {11111111-1111-1111-1111-110611171152} -> C:\Program Files\Internet Speed Checker\Internet Speed Checker-bho.dll (Speedchecker)
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\4.4.0.12\IPSBHO.DLL (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256340086406
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-24]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn
FF Extension: Norton IPS - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn [2011-01-25]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6 [2014-08-10]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [114688 2008-09-24] (Broadcom Corporation) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-10] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-10] (globalUpdate) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-10-23] (Sun Microsystems, Inc.)
R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [32776 2014-07-21] ()
R2 N360; C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [364544 2006-06-13] (SoftThinks) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [623640 2009-02-06] (PDF Complete Inc)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-09] (Adaptec, Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [100368 2011-08-08] (Advanced Micro Devices)
R2 BASFND; C:\Program Files\Broadcom\MgmtAgent\BASFND.sys [10480 2008-12-04] (Broadcom Corporation) [File not signed]
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20120823.005\BHDrvx86.sys [995488 2012-08-23] (Symantec Corporation)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [89600 2008-10-29] (Broadcom Corporation) [File not signed]
R1 ccHP; C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-08-27] (Symantec Corporation)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2008-04-14] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2008-04-14] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2008-04-14] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2008-04-14] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2008-04-14] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2008-04-14] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2008-04-14] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2008-04-14] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2008-04-14] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2008-04-14] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2008-04-14] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2008-04-14] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2008-04-14] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2008-04-14] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2008-04-14] (Intel(R) Corporation)
S3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20120825.001\IDSxpx86.sys [373216 2012-08-24] (Symantec Corporation)
S3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVENG.SYS [92704 2012-08-27] (Symantec Corporation)
S3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVEX15.SYS [1601184 2012-08-27] (Symantec Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-14] (Microsoft Corporation)
S3 SRTSP; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS [325680 2010-04-22] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS [43696 2010-04-22] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMDS.SYS [328752 2010-02-04] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMEFA.SYS [173176 2011-08-22] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-01-25] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
R1 SYMTDI; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS [362360 2011-08-22] (Symantec Corporation)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 08:00 - 2014-08-10 08:01 - 00019549 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 08:00 - 2014-08-10 08:00 - 00000000 ____D () C:\FRST
2014-08-10 07:59 - 2014-08-10 07:59 - 01084928 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 07:56 - 2014-08-10 07:57 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 06:17 - 2014-08-10 06:17 - 00000865 _____ () C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
2014-08-10 06:13 - 2014-08-10 06:17 - 00000000 ____D () C:\Program Files\SmartTweak
2014-08-10 05:44 - 2014-08-10 05:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RegClean
2014-08-10 05:08 - 2014-08-10 06:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
2014-08-10 05:08 - 2014-08-10 05:44 - 00003824 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00002120 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001634 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001488 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001380 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001322 _____ () C:\WINDOWS\Tasks\554c9551-b337-43c8-ab01-4f36dcfd520a.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00000944 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-10 05:08 - 2014-08-10 05:13 - 00000948 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\Internet Speed Checker
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\globalUpdate
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
2014-08-10 05:02 - 2014-08-10 05:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\SoftwareUpdater
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\LPT
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 04:58 - 2014-08-10 04:58 - 00637192 _____ (Free Driver Scout) C:\Documents and Settings\Administrator\Desktop\free-driver-scout.exe
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:14 - 2012-05-24 05:50 - 00956160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ativvamv.dll
2014-08-10 02:14 - 2012-05-24 04:44 - 00205720 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-08-10 02:14 - 2012-05-24 04:42 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-08-10 02:14 - 2011-08-08 22:58 - 00100368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdXP3.sys
2014-08-10 01:19 - 2014-08-10 06:17 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:19 - 2014-08-09 21:26 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 14:09 - 2014-08-10 05:45 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-08-02 13:59 - 2014-08-02 14:00 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES
2014-08-02 11:56 - 2014-08-02 12:51 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe
2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog
2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool
2014-08-02 07:53 - 2014-08-02 08:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi
2014-08-02 07:52 - 2014-08-02 07:56 - 00000000 ____D () C:\Program Files\Luffi
2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage
2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help
2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search
2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard
2014-08-01 15:53 - 2014-08-01 16:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-01 10:30 - 2014-08-10 05:44 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-01 10:30 - 2014-08-08 15:31 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 08:01 - 2014-08-10 08:00 - 00019549 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 08:01 - 2010-08-26 18:32 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job
2014-08-10 08:01 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-08-10 08:00 - 2014-08-10 08:00 - 00000000 ____D () C:\FRST
2014-08-10 07:59 - 2014-08-10 07:59 - 01084928 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 07:57 - 2014-08-10 07:56 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:56 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-10 07:53 - 2012-06-25 13:27 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 07:49 - 2011-12-15 12:42 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 07:34 - 2009-04-06 16:00 - 01695766 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-10 06:20 - 2014-08-10 05:08 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
2014-08-10 06:17 - 2014-08-10 06:17 - 00000865 _____ () C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
2014-08-10 06:17 - 2014-08-10 06:13 - 00000000 ____D () C:\Program Files\SmartTweak
2014-08-10 06:17 - 2014-08-10 01:19 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
2014-08-10 05:48 - 2009-04-06 15:51 - 00555864 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-10 05:45 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-10 05:44 - 2014-08-10 05:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RegClean
2014-08-10 05:44 - 2014-08-10 05:08 - 00003824 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00002120 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001634 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001488 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001380 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001322 _____ () C:\WINDOWS\Tasks\554c9551-b337-43c8-ab01-4f36dcfd520a.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00000944 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-10 05:44 - 2014-08-01 10:30 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-10 05:44 - 2012-06-25 13:08 - 00118784 _____ (SoftThinks) C:\WINDOWS\system32\chg.exe
2014-08-10 05:44 - 2011-12-15 12:42 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 05:44 - 2009-10-30 12:12 - 00000000 ____D () C:\WINDOWS\SMINST
2014-08-10 05:44 - 2009-10-24 06:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-10 05:44 - 2009-10-24 06:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-10 05:44 - 2009-10-24 06:53 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-08-10 05:44 - 2009-04-06 16:00 - 00855797 _____ () C:\WINDOWS\setupapi.log
2014-08-10 05:43 - 2009-05-20 13:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-10 05:42 - 2009-10-24 06:52 - 00032462 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-10 05:42 - 2009-10-23 13:33 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-08-10 05:42 - 2009-05-20 13:40 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-10 05:31 - 2010-10-10 22:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\07_IT
2014-08-10 05:13 - 2014-08-10 05:08 - 00000948 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-08-10 05:09 - 2014-08-10 05:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\Internet Speed Checker
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\globalUpdate
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\SoftwareUpdater
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\LPT
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 04:58 - 2014-08-10 04:58 - 00637192 _____ (Free Driver Scout) C:\Documents and Settings\Administrator\Desktop\free-driver-scout.exe
2014-08-10 04:50 - 2009-10-24 06:55 - 00000000 ____D () C:\WINDOWS\Help
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:16 - 2009-10-23 23:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:15 - 2009-10-24 06:59 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:10 - 2009-10-23 13:29 - 00000000 ____D () C:\AMD
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:26 - 2014-08-09 21:19 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:59 - 2010-03-21 13:35 - 00000178 ___SH () C:\Documents and Settings\user1.DEBRECEN\ntuser.ini
2014-08-09 11:59 - 2010-03-21 13:35 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-09 11:50 - 2010-10-09 01:28 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT
2014-08-09 01:34 - 2011-12-30 13:05 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Application Data\Google
2014-08-09 01:32 - 2009-10-24 01:06 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-08-08 16:24 - 2009-10-30 13:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 15:31 - 2014-08-01 10:30 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-08-08 14:07 - 2009-10-30 13:24 - 00000000 ____D () C:\Program Files\Google
2014-08-06 00:48 - 2009-10-23 22:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PDFC
2014-08-03 20:09 - 2011-02-21 01:50 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\01_Analysis
2014-08-02 14:02 - 2011-04-10 00:41 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Job
2014-08-02 14:02 - 2010-03-21 23:06 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\Jobsearch
2014-08-02 14:00 - 2014-08-02 13:59 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES
2014-08-02 12:51 - 2014-08-02 11:56 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe
2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog
2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool
2014-08-02 08:11 - 2014-08-02 07:53 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi
2014-08-02 07:56 - 2014-08-02 07:52 - 00000000 ____D () C:\Program Files\Luffi
2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage
2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help
2014-08-01 17:50 - 2009-10-24 06:53 - 00004288 _____ () C:\WINDOWS\wmsetup.log
2014-08-01 17:50 - 2009-10-24 06:52 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search
2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard
2014-08-01 16:12 - 2014-08-01 15:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-01 16:12 - 2009-10-23 22:03 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-01 15:53 - 2009-10-23 22:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP Cool Tools
2014-08-01 15:17 - 2011-12-15 12:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Google
2014-08-01 12:19 - 2010-09-07 00:33 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\00_Admin
2014-08-01 10:31 - 2011-12-15 12:41 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2014-08-01 08:44 - 2010-09-19 14:24 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\02_Trading
2014-07-11 21:06 - 2014-03-31 01:20 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\IBM
2014-07-11 21:02 - 2013-09-06 11:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-11 21:00 - 2009-10-24 01:51 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-11 21:00 - 2009-10-24 01:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-07-11 20:53 - 2012-06-25 13:27 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-11 20:53 - 2012-06-25 13:27 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\6_Offer_11.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\AtiCimUn.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\DownloadManager.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\FixMyRegistry.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nsb47.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nsl2E.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nsp2A.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\SearchProtectINT.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\SpeedUpMyComputer.exe
C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp\vqhk35cq.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         

Addition
Zitat

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:9-08-2014 01
Ran by Administrator at 2014-08-10 08:01:22
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO Codecs (Version: 10.0.0.40103 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6D02AB7E-3B50-C6FE-F1CF-66F763D64E30}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Avery Wizard 5.0 (HKLM\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
BadCopy Pro (HKLM\...\BadCopy Pro) (Version:  - )
Broadcom Management Programs (HKLM\...\{C3CB6145-2F42-4C1C-B938-E254C8B5F48B}) (Version: 11.75.09 - Broadcom Corporation)
Canon CanoScan Toolbox 4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Pro Control Center (Version: 2012.0523.2258.39384 - Ihr Firmenname) Hidden
CCC Help Chinese Standard (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
ColorNavigator (HKLM\...\{D5312328-0583-4E88-95EF-DE92A01797C2}) (Version: 5.2.3 - EIZO NANAO CORPORATION)
CutePDF (Evaluation) (HKLM\...\CutePDF (Evaluation)) (Version:  - )
CutePDF Writer 2.3 (HKLM\...\CutePDF Writer Installation) (Version:  - )
dvdisaster-0.72.3 (HKLM\...\dvdisaster_is1) (Version:  - dvdisaster project)
EIZO EasyPIX Software (HKLM\...\{E9DF3B08-7541-42E3-AF57-BBF039D1DEE4}) (Version: 1.0.6 - EIZO NANAO CORPORATION)
EIZO ScreenSlicer (HKLM\...\{292A177D-723F-4537-9985-BC8BFCD8B63D}) (Version: 1.0.1.1 - EIZO NANAO CORPORATION)
FireGL driver for 3D Studio MAX/VIZ (HKLM\...\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}) (Version: 6.14.10.5015 - )
FixMyRegistry (HKLM\...\FixMyRegistry) (Version: 38.1 - SmartTweak Software) <==== ATTENTION
Google Drive (HKLM\...\{BF55F7D7-7791-41DD-91D7-8EA595CE548C}) (Version: 1.17.7224.1867 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Backup and Recovery Manager (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 2.5C - Hewlett-Packard Company)
HP Help and Support (HKLM\...\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}) (Version: 4.4.0002 - HPQ)
HP Performance Advisor (HKLM\...\{8E3138D3-686D-4F77-A807-CFF5CAEC98D7}) (Version: 1.7.6530 - Hewlett-Packard Company)
HP Performance Tuning Framework (HKLM\...\{03BFDA4C-5233-4EB6-8BD7-8D0AE3044757}) (Version: 2.28.3117 - Hewlett-Packard)
HydraVision (Version: 4.2.218.0 - Advanced Micro Devices, Inc.) Hidden
Internet Speed Checker (HKLM\...\Internet Speed Checker) (Version: 1.34.7.29 - Speedchecker)
IsoBuster 3.2 (HKLM\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
LPT System Updater Service (HKLM\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Luffi - Let's use freeware! Fun included ;) (v. 2.3.238) (HKLM\...\Luffi) (Version: 1.0.238.0 - Das Luffi Team)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft VM for Java (HKLM\...\MsJavaVM) (Version:  - )
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version:  - )
Norton 360 (HKLM\...\N360) (Version: 4.4.0.12 - Symantec Corporation)
PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.85 - PDF Complete, Inc.)
Skins (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
TomTom HOME (HKLM\...\TomTom HOME) (Version: 2.3.1.92 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UniColor Pro (HKLM\...\{07D4FAFC-5D2C-49B0-9A9C-5726E5559381}) (Version: 1.3.0 - EIZO)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - ColorVision Inc (Spyder) USB  (08/07/2006 1.0.0.2) (HKLM\...\3F4E49464F141105CA373E77D00E57404393778F) (Version: 08/07/2006 1.0.0.2 - ColorVision Inc)
Windows Driver Package - Datacolor (Spyder3) USB  (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\A106663FD3361BDFACB045D83EBA03858EB1E411) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\F2F24872454C7CAEAABD8BB063F70FBEFF01989D) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - X-Rite (colormunki) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\975DA77B1E3D07FC79378569A82F13404D027518) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\4BCA7532847C66A175AD419E8ED0CB00EA9F9A4A) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\4E0F9F38E610D91FA71E1E43F274568B68C54028) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1display) XRiteDevices  (08/21/2006 2.0.0.0) (HKLM\...\BE6334FA182AB4DD51AECFD703C81D6B65B2BBF3) (Version: 08/21/2006 2.0.0.0 - X-Rite)
Windows Driver Package - X-Rite (X-Rite) USB  (01/10/2007 3.1.0.0) (HKLM\...\79EC760EF05657EC2806CC712767C4C3FCE76693) (Version: 01/10/2007 3.1.0.0 - X-Rite)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-965756728-169831054-4282204201-500_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)

==================== Restore Points  =========================

29-05-2014 21:20:42 System Checkpoint
29-05-2014 22:11:42 Software Distribution Service 3.0
11-06-2014 20:07:54 Software Distribution Service 3.0
11-07-2014 19:00:16 Software Distribution Service 3.0
01-08-2014 04:48:51 System Checkpoint
01-08-2014 13:53:01 Removed HP Performance Tuning Framework
01-08-2014 13:53:07 Installed HP Performance Tuning Framework
01-08-2014 14:12:14 Installed HP Performance Advisor
03-08-2014 18:56:49 System Checkpoint
05-08-2014 23:13:13 System Checkpoint
07-08-2014 17:34:59 System Checkpoint
08-08-2014 18:09:39 System Checkpoint
09-08-2014 21:12:29 System Checkpoint
10-08-2014 00:15:15 Removed ATI Catalyst Control Center
10-08-2014 03:02:34 Free Driver Scout
10-08-2014 03:05:38 Free Driver Scout
10-08-2014 03:39:40 Removed Shopop
10-08-2014 04:16:13 Removed Microsoft Silverlight

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-10-24 06:53 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\554c9551-b337-43c8-ab01-4f36dcfd520a.job => C:\Program Files\Internet Speed Checker\554c9551-b337-43c8-ab01-4f36dcfd520a.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1.job => C:\Program Files\Internet Speed Checker\Internet Speed Checker-codedownloader.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2011-04-09 21:23 - 2004-12-14 09:54 - 00081920 _____ () C:\WINDOWS\system32\cpwmon2k.dll
2014-07-21 18:49 - 2014-07-21 18:49 - 00032776 _____ () C:\Program Files\LPT\srpts.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00043016 _____ () C:\Program Files\LPT\srptc.dll
2014-07-21 18:48 - 2014-07-21 18:57 - 00018952 _____ () C:\Program Files\LPT\Smartbar.Common.dll
2014-05-08 13:21 - 2014-05-08 13:21 - 00301056 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU
2009-06-02 14:59 - 2009-06-02 14:59 - 00142336 _____ () C:\Program Files\EIZO\ColorNavigator\CNHid.dll
2009-04-23 10:41 - 2009-04-23 10:41 - 00055808 _____ () C:\Program Files\EIZO\ColorNavigator\CNVideo.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00046080 _____ () C:\Program Files\EIZO\ColorNavigator\HidUsage.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00006656 _____ () C:\Program Files\EIZO\ColorNavigator\DisplayAreaSetting.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00055296 _____ () C:\Program Files\EIZO\ColorNavigator\CMYKValidation.dll
2009-05-07 11:32 - 2009-05-07 11:32 - 00082944 _____ () C:\Program Files\EIZO\ColorNavigator\ColorProfile.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00165376 _____ () C:\Program Files\EIZO\ColorNavigator\libcolour.dll
2009-10-30 12:12 - 2006-07-10 11:53 - 00872448 _____ () C:\WINDOWS\SMINST\Scheduler.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00034824 _____ () C:\Program Files\LPT\srptsl.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00069128 _____ () C:\Program Files\LPT\srut.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00023048 _____ () C:\Program Files\LPT\srptm.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00081928 _____ () C:\Program Files\LPT\srpt.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00067080 _____ () C:\Program Files\LPT\sppsm.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00158216 _____ () C:\Program Files\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00027144 _____ () C:\Program Files\LPT\Smartbar.Personalization.Common.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00165896 _____ () C:\Program Files\LPT\Smartbar.Infrastructure.Utilities.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00046088 _____ () C:\Program Files\LPT\srbu.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00025096 _____ () C:\Program Files\LPT\srpdm.dll
2014-07-21 18:47 - 2014-07-21 18:57 - 00026632 _____ () C:\Program Files\LPT\ProxySettings.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00044040 _____ () C:\Program Files\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-07-21 18:47 - 2014-07-21 18:57 - 00052744 _____ () C:\Program Files\LPT\Proxy.Lib.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00027656 _____ () C:\Program Files\LPT\sreu.dll
2008-04-14 14:42 - 2013-01-02 08:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2008-04-14 14:41 - 2008-04-14 14:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 14:42 - 2008-04-14 14:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2010-03-16 12:22 - 2010-03-16 12:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2012-05-23 22:57 - 2012-05-23 22:57 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2008-07-16 10:14 - 2008-07-16 10:14 - 00163840 ____R () C:\Program Files\EIZO\EIZO EasyPIX\libcolour.dll
2008-09-05 10:08 - 2008-09-05 10:08 - 00282624 _____ () C:\Program Files\EIZO\EIZO EasyPIX\IccProfLib.dll
2014-08-10 05:44 - 2014-08-10 05:44 - 00098816 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32api.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00110080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pywintypes27.dll
2014-08-10 05:44 - 2014-08-10 05:44 - 00364544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pythoncom27.dll
2014-08-10 05:44 - 2014-08-10 05:44 - 00045568 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_socket.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 01160704 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_ssl.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00320512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32com.shell.shell.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00713216 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_hashlib.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 01175040 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._core_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00805888 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._gdi_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00811008 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._windows_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 01062400 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._controls_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00735232 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._misc_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00128512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_elementtree.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00127488 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pyexpat.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00557056 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pysqlite2._sqlite.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00007168 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\hashobjs_ext.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00087552 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_ctypes.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00119808 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32file.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00108544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32security.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00018432 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32event.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00038912 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32inet.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00070656 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._html2.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00167936 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32gui.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00011264 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32crypt.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00027136 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_multiprocessing.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00686080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\unicodedata.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00122368 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._wizard.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00010240 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\select.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00024064 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32pipe.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00025600 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32pdh.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00525640 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\windows._lib_cacheinvalidation.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00035840 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32process.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00017408 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32profile.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00022528 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32ts.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00078336 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._animate.pyd
2014-08-10 05:08 - 2014-08-10 05:08 - 00392560 _____ () c:\program files\internet speed checker\Internet Speed Checker-buttonutil.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\exiftool.exe:SummaryInformation
AlternateDataStreams: C:\WINDOWS\exiftool.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2014 05:08:08 AM) (Source: MsiInstaller) (EventID: 11309) (User: DEBRECEN)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

Error: (08/10/2014 05:02:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application PCSUQuickScan.exe, version 0.0.0.0, faulting module PCSUQuickScan.exe, version 0.0.0.0, fault address 0x00006ee0.
Processing media-specific event for [PCSUQuickScan.exe!ws!]

Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2014 00:32:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/09/2014 10:32:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/09/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (08/10/2014 05:44:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/10/2014 05:10:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/10/2014 02:22:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/10/2014 00:36:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/09/2014 08:24:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/09/2014 08:57:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/09/2014 01:34:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/08/2014 01:54:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/07/2014 06:38:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/06/2014 05:14:15 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\iaStor0


Microsoft Office Sessions:
=========================
Error: (02/11/2012 02:53:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1028 seconds with 1020 seconds of active time.  This session ended with a crash.

Error: (01/22/2011 10:16:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30333 seconds with 1080 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 3567.21 MB
Available physical RAM: 2620.71 MB
Total Pagefile: 5448.47 MB
Available Pagefile: 4232.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:453.3 GB) (Free:395.17 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive j: (HP_RECOVERY) (Fixed) (Total:12.46 GB) (Free:2.63 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3B2B3B2B)
Partition 1: (Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Gmer
Zitat
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-10 10:02:42
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Intel___ rev.1.0. 465.76GB
Running: Gmer-19357.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwlyapob.sys


---- System - GMER 2.1 ----

SSDT            89829050                                                            ZwAlertResumeThread
SSDT            8985E050                                                            ZwAlertThread
SSDT            89748390                                                            ZwAllocateVirtualMemory
SSDT            89857050                                                            ZwAssignProcessToJobObject
SSDT            899B4128                                                            ZwConnectPort
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                        ZwCreateKey [0xAD070210]
SSDT            89755008                                                            ZwCreateMutant
SSDT            898F9F38                                                            ZwCreateSymbolicLinkObject
SSDT            897E8C38                                                            ZwCreateThread
SSDT            89794050                                                            ZwDebugActiveProcess
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                        ZwDeleteKey [0xAD070490]
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                        ZwDeleteValueKey [0xAD0709F0]
SSDT            897695B8                                                            ZwDuplicateObject
SSDT            8974C1B0                                                            ZwFreeVirtualMemory
SSDT            89844050                                                            ZwImpersonateAnonymousToken
SSDT            897FF050                                                            ZwImpersonateThread
SSDT            8999A518                                                            ZwLoadDriver
SSDT            897EDF00                                                            ZwMapViewOfSection
SSDT            8977C050                                                            ZwOpenEvent
SSDT            89747100                                                            ZwOpenProcess
SSDT            8975E110                                                            ZwOpenProcessToken
SSDT            89852050                                                            ZwOpenSection
SSDT            89755310                                                            ZwOpenThread
SSDT            8979AD60                                                            ZwProtectVirtualMemory
SSDT            8988A050                                                            ZwResumeThread
SSDT            89854050                                                            ZwSetContextThread
SSDT            897B9F38                                                            ZwSetInformationProcess
SSDT            89865050                                                            ZwSetSystemInformation
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                        ZwSetValueKey [0xAD070C40]
SSDT            89874050                                                            ZwSuspendProcess
SSDT            898E7790                                                            ZwSuspendThread
SSDT            8A7DA4F8                                                            ZwTerminateProcess
SSDT            89789050                                                            ZwTerminateThread
SSDT            89769DB0                                                            ZwUnmapViewOfSection
SSDT            8A824E88                                                            ZwWriteVirtualMemory

---- Kernel code sections - GMER 2.1 ----

?               SYMDS.SYS                                                           The system cannot find the file specified. !
?               SYMEFA.SYS                                                          The system cannot find the file specified. !
.text           C:\WINDOWS\system32\DRIVERS\ati2mtag.sys                            section is writeable [0xB946D000, 0x2BCEC4, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text           C:\WINDOWS\system32\SearchIndexer.exe[2172] kernel32.dll!WriteFile  7C8112FF 7 Bytes  JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetSysColor        7E418E78 5 Bytes  JMP 004170D0 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetSysColorBrush   7E418EAB 5 Bytes  JMP 00417140 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!SetScrollInfo      7E419056 7 Bytes  JMP 00416FC0 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetScrollInfo      7E42DFE2 7 Bytes  JMP 00416F10 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!ShowScrollBar      7E42F2F2 5 Bytes  JMP 00417090 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetScrollPos       7E42F704 5 Bytes  JMP 00416F50 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!SetScrollPos       7E42F750 5 Bytes  JMP 00417000 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetScrollRange     7E42F787 5 Bytes  JMP 00416F80 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!SetScrollRange     7E42F99B 5 Bytes  JMP 00417040 C:\WINDOWS\SMINST\Scheduler.exe
.text           C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!EnableScrollBar    7E468005 7 Bytes  JMP 00416ED0 C:\WINDOWS\SMINST\Scheduler.exe

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\Tcpip \Device\Ip                                            SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\Tcp                                           SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\Udp                                           SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\RawIp                                         SYMTDI.SYS
AttachedDevice  \FileSystem\Fastfat \Fat                                            fltMgr.sys

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                               unknown MBR code

---- EOF - GMER 2.1 ----
         

Alt 10.08.2014, 11:53   #2
M-K-D-B
/// TB-Ausbilder
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!








Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 10.08.2014, 19:39   #3
trokj
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry



Hallo Mathias, ich habe die 3 Schritte ausgführt, hier die Log Dateien:

Bemerkung:
- AdwCleaner: 3 Log-Dateien, mit Nummerierung R0, R1 und S0
- MBAM: ich musste 2 mal neu anfangen, deshalb 3 MBAM Log-Dateien


AdwCleaner Nr. R0
Zitat
Code:
ATTFilter
# AdwCleaner v3.304 - Report created 10/08/2014 at 18:03:44
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DEBRECEN
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
# Option : Scan

***** [ Services ] *****

Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : LPTSystemUpdater

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
Folder Found : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\focusbase
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
Folder Found : C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
Folder Found : C:\Documents and Settings\All Users\Application Data\RegClean
Folder Found : C:\Documents and Settings\user1.DEBRECEN\Application Data\Uniblue
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Internet Speed Checker
Folder Found : C:\Program Files\LPT
Folder Found : C:\Program Files\SmartTweak
Folder Found : C:\Program Files\SoftwareUpdater

***** [ Scheduled Tasks ] *****

Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : 554c9551-b337-43c8-ab01-4f36dcfd520a
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Internet Speed Checker
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171152}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smarttweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\Software\GlobalUpdate
Key Found : HKLM\Software\InstalledBrowserExtensions
Key Found : HKLM\Software\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 

Objects\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : 

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\Software\Uniblue
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RegistryBooster]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - 

hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=55&CUI=&

UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&SSPV=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - 

hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw

pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - 

hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw

pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - 

hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw

pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - 

hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw

pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - 

hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw

pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}

*************************

AdwCleaner[R0].txt - [12076 octets] - [10/08/2014 18:03:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12137 octets] ##########
         

AdwCleaner Nr. R1
Zitat
Code:
ATTFilter
# AdwCleaner v3.304 - Report created 10/08/2014 at 18:05:04
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DEBRECEN
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
# Option : Scan

***** [ Services ] *****

Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : LPTSystemUpdater

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
Folder Found : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\focusbase
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
Folder Found : C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
Folder Found : C:\Documents and Settings\All Users\Application Data\RegClean
Folder Found : C:\Documents and Settings\user1.DEBRECEN\Application Data\Uniblue
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Internet Speed Checker
Folder Found : C:\Program Files\LPT
Folder Found : C:\Program Files\SmartTweak
Folder Found : C:\Program Files\SoftwareUpdater

***** [ Scheduled Tasks ] *****

Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : 554c9551-b337-43c8-ab01-4f36dcfd520a
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Internet Speed Checker
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171152}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smarttweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\Software\GlobalUpdate
Key Found : HKLM\Software\InstalledBrowserExtensions
Key Found : HKLM\Software\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\Software\Uniblue
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RegistryBooster]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=55&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&SSPV=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}

*************************

AdwCleaner[R0].txt - [12218 octets] - [10/08/2014 18:03:44]
AdwCleaner[R1].txt - [12137 octets] - [10/08/2014 18:05:04]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [12198 octets] ##########
         

AdwCleaner Nr. S0
Zitat
Code:
ATTFilter
# AdwCleaner v3.304 - Report created 10/08/2014 at 18:05:27
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DEBRECEN
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : LPTSystemUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\RegClean
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\LPT
Folder Deleted : C:\Program Files\SmartTweak
Folder Deleted : C:\Program Files\SoftwareUpdater
Folder Deleted : C:\Program Files\Internet Speed Checker
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
Folder Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\focusbase
Folder Deleted : C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Documents and Settings\user1.DEBRECEN\Application Data\Uniblue
File Deleted : C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 554c9551-b337-43c8-ab01-4f36dcfd520a
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RegistryBooster]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Internet Speed Checker
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\InstalledBrowserExtensions
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FixMyRegistry
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Speed Checker
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

*************************

AdwCleaner[R0].txt - [12218 octets] - [10/08/2014 18:03:44]
AdwCleaner[R1].txt - [12279 octets] - [10/08/2014 18:05:04]
AdwCleaner[S0].txt - [11070 octets] - [10/08/2014 18:05:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11131 octets] ##########
         

MBAM Nr1
Zitat
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 10.08.2014 18:35:59, SYSTEM, DEBRECEN, Protection, Malware Protection, Starting, 
Protection, 10.08.2014 18:35:59, SYSTEM, DEBRECEN, Protection, Malware Protection, Started, 
Protection, 10.08.2014 18:35:59, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2014 18:36:01, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started, 
Update, 10.08.2014 18:36:02, SYSTEM, DEBRECEN, Manual, Rootkit Database, 2014.2.20.1, 2014.8.4.1, 
Update, 10.08.2014 18:36:15, SYSTEM, DEBRECEN, Manual, Malware Database, 2014.3.4.9, 2014.8.10.4, 
Protection, 10.08.2014 18:36:16, SYSTEM, DEBRECEN, Protection, Refresh, Starting, 
Protection, 10.08.2014 18:36:16, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping, 
Protection, 10.08.2014 18:36:16, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped, 
Protection, 10.08.2014 18:36:23, SYSTEM, DEBRECEN, Protection, Refresh, Success, 
Protection, 10.08.2014 18:36:24, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2014 18:36:26, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started, 
Protection, 10.08.2014 18:58:39, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping, 
Protection, 10.08.2014 18:58:39, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped, 
Protection, 10.08.2014 18:58:39, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2014 18:58:43, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started, 
Protection, 10.08.2014 19:01:07, SYSTEM, DEBRECEN, Protection, Malware Protection, Starting, 
Protection, 10.08.2014 19:01:07, SYSTEM, DEBRECEN, Protection, Malware Protection, Started, 
Protection, 10.08.2014 19:01:07, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2014 19:01:13, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started, 
Protection, 10.08.2014 19:05:02, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping, 
Protection, 10.08.2014 19:05:03, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped, 
Protection, 10.08.2014 19:05:03, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2014 19:05:07, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started, 
Protection, 10.08.2014 19:23:10, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping, 
Protection, 10.08.2014 19:23:10, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped, 
Protection, 10.08.2014 19:23:10, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2014 19:23:15, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started, 
Protection, 10.08.2014 19:25:25, SYSTEM, DEBRECEN, Protection, Malware Protection, Starting, 
Protection, 10.08.2014 19:25:26, SYSTEM, DEBRECEN, Protection, Malware Protection, Started, 
Protection, 10.08.2014 19:25:26, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting, 
Protection, 10.08.2014 19:25:54, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started, 

(end)
         

MBAM Nr. 2
Zitat
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.08.2014
Suchlauf-Zeit: 19:06:13
Logdatei: anti-maleware nr.2_19-06-13.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.10.04
Rootkit Datenbank: v2014.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Administrator

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 434075
Verstrichene Zeit: 14 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 1
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 

Dateien: 17
PUP.Optional.SmartBar, C:\WINDOWS\Installer\MSI4C.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [9dfbd1f1b0cb4ee8cb72b17dd92748b8], 
PUP.Optional.SmartBar, C:\WINDOWS\Installer\MSI5A.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [4b4d5c66f388c76f98a5111d21dfe917], 
PUP.Optional.SmartBar, C:\WINDOWS\Installer\MSI75.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [8d0b15adec8f8caaeb52d35b43bda060], 
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5AV4AY66\spstub[1].exe, In Quarantäne, [dcbc39892f4cff371738bdd4e71a29d7], 
PUP.Optional.SearchProtect.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NWIUQ7OU\SPSetup[1].exe, In Quarantäne, [e7b1774bd9a22a0ca06b77201de4e41c], 
PUP.Optional.SearchProtect.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\QCOSKRK9\SearchProtectGeneric2[1].exe, In Quarantäne, [b6e2d4ee1962d06623cebd7e629ed12f], 
PUP.Optional.FocusBase.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\X4FYPJDL\focusbaseSetup[1].exe, In Quarantäne, [267209b9f5864ee8e770cee829db03fd], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleCrashHandler.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdate.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdateBroker.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdateHelper.msi, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdateOnDemand.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\goopdate.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\goopdateres_en.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\npGoogleUpdate4.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\psmachine.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\psuser.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

MBAM Nr. 3
Zitat
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.08.2014
Suchlauf-Zeit: 18:39:22
Logdatei: anti-maleware nr.3_19-39-22.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.10.04
Rootkit Datenbank: v2014.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Administrator

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgebrochen
Durchsuchte Objekte: 35931
Verstrichene Zeit: 15 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 7
PUP.Optional.OutBrowse, C:\Documents and Settings\Administrator\Desktop\free-driver-scout.exe, In Quarantäne, [b23a6460c4b7d66013091d0109f743bd], 
PUP.Optional.OutBrowse, C:\Documents and Settings\Administrator\Local Settings\Temp\DownloadManager.exe, In Quarantäne, [c12ba51f770482b4b5676cb2748ccc34], 
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsb47.exe, In Quarantäne, [0ae2497b1665e254d90b216b6998b24e], 
PUP.Optional.SearchProtect.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsk24.tmp, In Quarantäne, [09e3dce8364514225fac5047ba47649c], 
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsl2E.exe, In Quarantäne, [8f5df9cb710a51e508dc632923deea16], 
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsp2A.exe, In Quarantäne, [628af1d34f2cea4cb52f74189e6317e9], 
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\SearchProtectINT.exe, In Quarantäne, [df0d368efd7ea3937bb135f27b86e818], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

FRST
Zitat

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-08-2014 01
Ran by Administrator (administrator) on DEBRECEN on 10-08-2014 20:02:58
Running from C:\Documents and Settings\Administrator\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ColorNavigator\ColorNavigatorAgent.exe
() C:\WINDOWS\SMINST\Scheduler.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\UniColor Pro\ucpro.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(TomTom) C:\Program Files\TomTom HOME 2\HOMERunner.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ScreenSlicer\ESCSlicer.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UnoColor Pro] => C:\Program Files\EIZO\UniColor Pro\ucpro.exe [2712872 2009-04-10] (EIZO NANAO CORPORATION)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\HOMERunner.exe [202088 2008-05-06] (TomTom)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734312 2014-07-30] (Google)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UpdateMyDrivers] => C:\Program Files\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-12-15] (Google Inc.)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\MountPoints2: {2f3e41f9-a9a0-11df-87ef-002481ed8efc} - L:\InstallTomTomHOME.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO EasyPIX.lnk
ShortcutTarget: EIZO EasyPIX.lnk -> C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe (EIZO NANAO CORPORATION)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO ScreenSlicer.lnk
ShortcutTarget: EIZO ScreenSlicer.lnk -> C:\WINDOWS\Installer\{292A177D-723F-4537-9985-BC8BFCD8B63D}\ESCSlicer.exe1_87A06423E78E426E924121140A36B659.exe (Macrovision Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ch&c=91&bd=all&pf=cmws
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\4.4.0.12\IPSBHO.DLL (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256340086406
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-24]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn
FF Extension: Norton IPS - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn [2011-01-25]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6 [2014-08-10]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [114688 2008-09-24] (Broadcom Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-10-23] (Sun Microsystems, Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [364544 2006-06-13] (SoftThinks) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [623640 2009-02-06] (PDF Complete Inc)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-09] (Adaptec, Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [100368 2011-08-08] (Advanced Micro Devices)
R2 BASFND; C:\Program Files\Broadcom\MgmtAgent\BASFND.sys [10480 2008-12-04] (Broadcom Corporation) [File not signed]
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20120823.005\BHDrvx86.sys [995488 2012-08-23] (Symantec Corporation)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [89600 2008-10-29] (Broadcom Corporation) [File not signed]
R1 ccHP; C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-08-27] (Symantec Corporation)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2008-04-14] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2008-04-14] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2008-04-14] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2008-04-14] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2008-04-14] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2008-04-14] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2008-04-14] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2008-04-14] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2008-04-14] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2008-04-14] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2008-04-14] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2008-04-14] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2008-04-14] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2008-04-14] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2008-04-14] (Intel(R) Corporation)
S3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20120825.001\IDSxpx86.sys [373216 2012-08-24] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-10] (Malwarebytes Corporation)
S3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVENG.SYS [92704 2012-08-27] (Symantec Corporation)
S3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVEX15.SYS [1601184 2012-08-27] (Symantec Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-14] (Microsoft Corporation)
S3 SRTSP; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS [325680 2010-04-22] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS [43696 2010-04-22] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMDS.SYS [328752 2010-02-04] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMEFA.SYS [173176 2011-08-22] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-01-25] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
R1 SYMTDI; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS [362360 2011-08-22] (Symantec Corporation)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 20:02 - 2014-08-10 20:02 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\FRST-OlderVersion
2014-08-10 19:44 - 2014-08-10 19:44 - 00001211 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.2_19-04-38.txt
2014-08-10 19:42 - 2014-08-10 19:42 - 00002218 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.4_19-39-22.txt
2014-08-10 19:40 - 2014-08-10 19:40 - 00004415 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.3_19-06-13.txt
2014-08-10 19:38 - 2014-08-10 19:38 - 00003293 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.1_19-35-59.txt
2014-08-10 18:55 - 2014-08-10 18:55 - 00002118 _____ () C:\Documents and Settings\Administrator\Desktop\malwar protololl 1.txt
2014-08-10 18:35 - 2014-08-10 19:26 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-10 18:35 - 2014-08-10 18:35 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-10 18:35 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-10 18:35 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-10 18:31 - 2014-08-10 18:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-10 18:12 - 2014-08-10 18:12 - 00012218 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R0].txt
2014-08-10 18:10 - 2014-08-10 18:10 - 00012279 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R1].txt
2014-08-10 18:09 - 2014-08-10 18:09 - 00011212 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[S0].txt
2014-08-10 18:08 - 2014-08-10 19:25 - 00118784 _____ (SoftThinks) C:\WINDOWS\system32\chg.exe
2014-08-10 18:03 - 2014-08-10 18:11 - 00000000 ____D () C:\AdwCleaner
2014-08-10 18:00 - 2014-08-10 18:00 - 01366203 _____ () C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
2014-08-10 10:02 - 2014-08-10 10:02 - 00006773 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer.txt
2014-08-10 08:16 - 2014-08-10 10:24 - 00000239 _____ () C:\Documents and Settings\Administrator\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.url
2014-08-10 08:06 - 2014-08-10 08:06 - 00380416 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer-19357.exe
2014-08-10 08:01 - 2014-08-10 08:01 - 00036618 _____ () C:\Documents and Settings\Administrator\Desktop\Addition.txt
2014-08-10 08:00 - 2014-08-10 20:03 - 00016755 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 08:00 - 2014-08-10 20:03 - 00000000 ____D () C:\FRST
2014-08-10 07:59 - 2014-08-10 20:02 - 01091072 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 07:56 - 2014-08-10 07:57 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 05:02 - 2014-08-10 05:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:14 - 2012-05-24 05:50 - 00956160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ativvamv.dll
2014-08-10 02:14 - 2012-05-24 04:44 - 00205720 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-08-10 02:14 - 2012-05-24 04:42 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-08-10 02:14 - 2011-08-08 22:58 - 00100368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdXP3.sys
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:19 - 2014-08-09 21:26 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 14:09 - 2014-08-10 19:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-08-02 13:59 - 2014-08-02 14:00 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES
2014-08-02 11:56 - 2014-08-02 12:51 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe
2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog
2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool
2014-08-02 07:53 - 2014-08-02 08:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi
2014-08-02 07:52 - 2014-08-02 07:56 - 00000000 ____D () C:\Program Files\Luffi
2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage
2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help
2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search
2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard
2014-08-01 15:53 - 2014-08-01 16:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-01 10:30 - 2014-08-10 19:25 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-01 10:30 - 2014-08-08 15:31 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 20:03 - 2014-08-10 08:00 - 00016755 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 20:03 - 2014-08-10 08:00 - 00000000 ____D () C:\FRST
2014-08-10 20:03 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-08-10 20:02 - 2014-08-10 20:02 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\FRST-OlderVersion
2014-08-10 20:02 - 2014-08-10 07:59 - 01091072 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 20:01 - 2010-08-26 18:32 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job
2014-08-10 19:53 - 2012-06-25 13:27 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-10 19:49 - 2011-12-15 12:42 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 19:44 - 2014-08-10 19:44 - 00001211 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.2_19-04-38.txt
2014-08-10 19:42 - 2014-08-10 19:42 - 00002218 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.4_19-39-22.txt
2014-08-10 19:40 - 2014-08-10 19:40 - 00004415 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.3_19-06-13.txt
2014-08-10 19:38 - 2014-08-10 19:38 - 00003293 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.1_19-35-59.txt
2014-08-10 19:29 - 2009-04-06 15:51 - 00555864 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-10 19:27 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-10 19:27 - 2009-04-06 16:00 - 01732628 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-10 19:27 - 2009-04-06 16:00 - 00908591 _____ () C:\WINDOWS\setupapi.log
2014-08-10 19:26 - 2014-08-10 18:35 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-10 19:26 - 2009-10-30 12:12 - 00000000 ____D () C:\WINDOWS\SMINST
2014-08-10 19:25 - 2014-08-10 18:08 - 00118784 _____ (SoftThinks) C:\WINDOWS\system32\chg.exe
2014-08-10 19:25 - 2014-08-01 10:30 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-10 19:25 - 2011-12-15 12:42 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 19:25 - 2009-10-24 06:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-10 19:25 - 2009-10-24 06:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-10 19:25 - 2009-10-24 06:53 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-08-10 19:24 - 2009-10-24 06:55 - 00000000 ____D () C:\WINDOWS\L2Schemas
2014-08-10 19:24 - 2009-05-20 13:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-10 19:23 - 2009-10-24 06:52 - 00032468 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-10 19:23 - 2009-10-23 13:33 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-08-10 19:23 - 2009-05-20 13:40 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-10 19:00 - 2011-04-23 19:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508272$
2014-08-10 18:55 - 2014-08-10 18:55 - 00002118 _____ () C:\Documents and Settings\Administrator\Desktop\malwar protololl 1.txt
2014-08-10 18:35 - 2014-08-10 18:35 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-10 18:31 - 2014-08-10 18:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-10 18:30 - 2010-10-10 22:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\07_IT
2014-08-10 18:12 - 2014-08-10 18:12 - 00012218 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R0].txt
2014-08-10 18:11 - 2014-08-10 18:03 - 00000000 ____D () C:\AdwCleaner
2014-08-10 18:10 - 2014-08-10 18:10 - 00012279 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R1].txt
2014-08-10 18:09 - 2014-08-10 18:09 - 00011212 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[S0].txt
2014-08-10 18:00 - 2014-08-10 18:00 - 01366203 _____ () C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
2014-08-10 10:24 - 2014-08-10 08:16 - 00000239 _____ () C:\Documents and Settings\Administrator\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.url
2014-08-10 10:02 - 2014-08-10 10:02 - 00006773 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer.txt
2014-08-10 08:06 - 2014-08-10 08:06 - 00380416 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer-19357.exe
2014-08-10 08:01 - 2014-08-10 08:01 - 00036618 _____ () C:\Documents and Settings\Administrator\Desktop\Addition.txt
2014-08-10 07:57 - 2014-08-10 07:56 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:56 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 05:09 - 2014-08-10 05:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 04:50 - 2009-10-24 06:55 - 00000000 ____D () C:\WINDOWS\Help
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:16 - 2009-10-23 23:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:15 - 2009-10-24 06:59 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:10 - 2009-10-23 13:29 - 00000000 ____D () C:\AMD
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:26 - 2014-08-09 21:19 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:59 - 2010-03-21 13:35 - 00000178 ___SH () C:\Documents and Settings\user1.DEBRECEN\ntuser.ini
2014-08-09 11:59 - 2010-03-21 13:35 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-09 11:50 - 2010-10-09 01:28 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT
2014-08-09 01:34 - 2011-12-30 13:05 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Application Data\Google
2014-08-09 01:32 - 2009-10-24 01:06 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-08-08 16:24 - 2009-10-30 13:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 15:31 - 2014-08-01 10:30 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-08-08 14:07 - 2009-10-30 13:24 - 00000000 ____D () C:\Program Files\Google
2014-08-06 00:48 - 2009-10-23 22:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PDFC
2014-08-03 20:09 - 2011-02-21 01:50 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\01_Analysis
2014-08-02 14:02 - 2011-04-10 00:41 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Job
2014-08-02 14:02 - 2010-03-21 23:06 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\Jobsearch
2014-08-02 14:00 - 2014-08-02 13:59 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES
2014-08-02 12:51 - 2014-08-02 11:56 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe
2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog
2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool
2014-08-02 08:11 - 2014-08-02 07:53 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi
2014-08-02 07:56 - 2014-08-02 07:52 - 00000000 ____D () C:\Program Files\Luffi
2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage
2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help
2014-08-01 17:50 - 2009-10-24 06:53 - 00004288 _____ () C:\WINDOWS\wmsetup.log
2014-08-01 17:50 - 2009-10-24 06:52 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search
2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard
2014-08-01 16:12 - 2014-08-01 15:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-01 16:12 - 2009-10-23 22:03 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-01 15:53 - 2009-10-23 22:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP Cool Tools
2014-08-01 15:17 - 2011-12-15 12:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Google
2014-08-01 12:19 - 2010-09-07 00:33 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\00_Admin
2014-08-01 10:31 - 2011-12-15 12:41 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2014-08-01 08:44 - 2010-09-19 14:24 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\02_Trading
2014-07-11 21:06 - 2014-03-31 01:20 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\IBM
2014-07-11 21:02 - 2013-09-06 11:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-11 21:00 - 2009-10-24 01:51 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-11 21:00 - 2009-10-24 01:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-07-11 20:53 - 2012-06-25 13:27 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-11 20:53 - 2012-06-25 13:27 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\6_Offer_11.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\AtiCimUn.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\FixMyRegistry.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\SpeedUpMyComputer.exe
C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp\vqhk35cq.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---



Addition
Zitat
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-08-2014 01
Ran by Administrator at 2014-08-10 20:03:37
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO Codecs (Version: 10.0.0.40103 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6D02AB7E-3B50-C6FE-F1CF-66F763D64E30}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Avery Wizard 5.0 (HKLM\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
BadCopy Pro (HKLM\...\BadCopy Pro) (Version:  - )
Broadcom Management Programs (HKLM\...\{C3CB6145-2F42-4C1C-B938-E254C8B5F48B}) (Version: 11.75.09 - Broadcom Corporation)
Canon CanoScan Toolbox 4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Pro Control Center (Version: 2012.0523.2258.39384 - Ihr Firmenname) Hidden
CCC Help Chinese Standard (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
ColorNavigator (HKLM\...\{D5312328-0583-4E88-95EF-DE92A01797C2}) (Version: 5.2.3 - EIZO NANAO CORPORATION)
CutePDF (Evaluation) (HKLM\...\CutePDF (Evaluation)) (Version:  - )
CutePDF Writer 2.3 (HKLM\...\CutePDF Writer Installation) (Version:  - )
dvdisaster-0.72.3 (HKLM\...\dvdisaster_is1) (Version:  - dvdisaster project)
EIZO EasyPIX Software (HKLM\...\{E9DF3B08-7541-42E3-AF57-BBF039D1DEE4}) (Version: 1.0.6 - EIZO NANAO CORPORATION)
EIZO ScreenSlicer (HKLM\...\{292A177D-723F-4537-9985-BC8BFCD8B63D}) (Version: 1.0.1.1 - EIZO NANAO CORPORATION)
FireGL driver for 3D Studio MAX/VIZ (HKLM\...\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}) (Version: 6.14.10.5015 - )
Google Drive (HKLM\...\{BF55F7D7-7791-41DD-91D7-8EA595CE548C}) (Version: 1.17.7224.1867 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Backup and Recovery Manager (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 2.5C - Hewlett-Packard Company)
HP Help and Support (HKLM\...\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}) (Version: 4.4.0002 - HPQ)
HP Performance Advisor (HKLM\...\{8E3138D3-686D-4F77-A807-CFF5CAEC98D7}) (Version: 1.7.6530 - Hewlett-Packard Company)
HP Performance Tuning Framework (HKLM\...\{03BFDA4C-5233-4EB6-8BD7-8D0AE3044757}) (Version: 2.28.3117 - Hewlett-Packard)
HydraVision (Version: 4.2.218.0 - Advanced Micro Devices, Inc.) Hidden
IsoBuster 3.2 (HKLM\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Luffi - Let's use freeware! Fun included ;) (v. 2.3.238) (HKLM\...\Luffi) (Version: 1.0.238.0 - Das Luffi Team)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft VM for Java (HKLM\...\MsJavaVM) (Version:  - )
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version:  - )
Norton 360 (HKLM\...\N360) (Version: 4.4.0.12 - Symantec Corporation)
PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.85 - PDF Complete, Inc.)
Skins (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
TomTom HOME (HKLM\...\TomTom HOME) (Version: 2.3.1.92 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UniColor Pro (HKLM\...\{07D4FAFC-5D2C-49B0-9A9C-5726E5559381}) (Version: 1.3.0 - EIZO)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - ColorVision Inc (Spyder) USB  (08/07/2006 1.0.0.2) (HKLM\...\3F4E49464F141105CA373E77D00E57404393778F) (Version: 08/07/2006 1.0.0.2 - ColorVision Inc)
Windows Driver Package - Datacolor (Spyder3) USB  (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\A106663FD3361BDFACB045D83EBA03858EB1E411) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\F2F24872454C7CAEAABD8BB063F70FBEFF01989D) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - X-Rite (colormunki) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\975DA77B1E3D07FC79378569A82F13404D027518) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\4BCA7532847C66A175AD419E8ED0CB00EA9F9A4A) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\4E0F9F38E610D91FA71E1E43F274568B68C54028) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1display) XRiteDevices  (08/21/2006 2.0.0.0) (HKLM\...\BE6334FA182AB4DD51AECFD703C81D6B65B2BBF3) (Version: 08/21/2006 2.0.0.0 - X-Rite)
Windows Driver Package - X-Rite (X-Rite) USB  (01/10/2007 3.1.0.0) (HKLM\...\79EC760EF05657EC2806CC712767C4C3FCE76693) (Version: 01/10/2007 3.1.0.0 - X-Rite)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-965756728-169831054-4282204201-500_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)

==================== Restore Points  =========================

29-05-2014 21:20:42 System Checkpoint
29-05-2014 22:11:42 Software Distribution Service 3.0
11-06-2014 20:07:54 Software Distribution Service 3.0
11-07-2014 19:00:16 Software Distribution Service 3.0
01-08-2014 04:48:51 System Checkpoint
01-08-2014 13:53:01 Removed HP Performance Tuning Framework
01-08-2014 13:53:07 Installed HP Performance Tuning Framework
01-08-2014 14:12:14 Installed HP Performance Advisor
03-08-2014 18:56:49 System Checkpoint
05-08-2014 23:13:13 System Checkpoint
07-08-2014 17:34:59 System Checkpoint
08-08-2014 18:09:39 System Checkpoint
09-08-2014 21:12:29 System Checkpoint
10-08-2014 00:15:15 Removed ATI Catalyst Control Center
10-08-2014 03:02:34 Free Driver Scout
10-08-2014 03:05:38 Free Driver Scout
10-08-2014 03:39:40 Removed Shopop
10-08-2014 04:16:13 Removed Microsoft Silverlight

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-10-24 06:53 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2011-04-09 21:23 - 2004-12-14 09:54 - 00081920 _____ () C:\WINDOWS\system32\cpwmon2k.dll
2014-05-08 13:21 - 2014-05-08 13:21 - 00301056 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU
2009-06-02 14:59 - 2009-06-02 14:59 - 00142336 _____ () C:\Program Files\EIZO\ColorNavigator\CNHid.dll
2009-04-23 10:41 - 2009-04-23 10:41 - 00055808 _____ () C:\Program Files\EIZO\ColorNavigator\CNVideo.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00046080 _____ () C:\Program Files\EIZO\ColorNavigator\HidUsage.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00006656 _____ () C:\Program Files\EIZO\ColorNavigator\DisplayAreaSetting.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00055296 _____ () C:\Program Files\EIZO\ColorNavigator\CMYKValidation.dll
2009-05-07 11:32 - 2009-05-07 11:32 - 00082944 _____ () C:\Program Files\EIZO\ColorNavigator\ColorProfile.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00165376 _____ () C:\Program Files\EIZO\ColorNavigator\libcolour.dll
2009-10-30 12:12 - 2006-07-10 11:53 - 00872448 _____ () C:\WINDOWS\SMINST\Scheduler.exe
2008-04-14 14:42 - 2013-01-02 08:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2008-04-14 14:41 - 2008-04-14 14:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 14:42 - 2008-04-14 14:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2010-03-16 12:22 - 2010-03-16 12:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2012-05-23 22:57 - 2012-05-23 22:57 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-10 19:26 - 2014-08-10 19:26 - 00098816 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32api.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00110080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pywintypes27.dll
2014-08-10 19:26 - 2014-08-10 19:26 - 00364544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pythoncom27.dll
2014-08-10 19:26 - 2014-08-10 19:26 - 00045568 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_socket.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 01160704 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_ssl.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00320512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32com.shell.shell.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00713216 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_hashlib.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 01175040 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._core_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00805888 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._gdi_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00811008 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._windows_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 01062400 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._controls_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00735232 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._misc_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00128512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_elementtree.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00127488 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pyexpat.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00557056 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pysqlite2._sqlite.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00007168 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\hashobjs_ext.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00087552 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_ctypes.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00119808 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32file.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00108544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32security.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00018432 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32event.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00038912 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32inet.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00070656 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._html2.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00167936 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32gui.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00011264 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32crypt.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00027136 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_multiprocessing.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00686080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\unicodedata.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00122368 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._wizard.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00010240 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\select.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00024064 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32pipe.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00025600 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32pdh.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00525640 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\windows._lib_cacheinvalidation.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00035840 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32process.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00017408 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32profile.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00022528 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32ts.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00078336 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._animate.pyd
2008-07-16 10:14 - 2008-07-16 10:14 - 00163840 ____R () C:\Program Files\EIZO\EIZO EasyPIX\libcolour.dll
2008-09-05 10:08 - 2008-09-05 10:08 - 00282624 _____ () C:\Program Files\EIZO\EIZO EasyPIX\IccProfLib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\exiftool.exe:SummaryInformation
AlternateDataStreams: C:\WINDOWS\exiftool.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2014 05:08:08 AM) (Source: MsiInstaller) (EventID: 11309) (User: DEBRECEN)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

Error: (08/10/2014 05:02:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application PCSUQuickScan.exe, version 0.0.0.0, faulting module PCSUQuickScan.exe, version 0.0.0.0, fault address 0x00006ee0.
Processing media-specific event for [PCSUQuickScan.exe!ws!]

Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2014 00:32:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/09/2014 10:32:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/09/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (08/10/2014 07:26:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (08/10/2014 07:25:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (08/10/2014 07:25:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
atapi
i8042prt

Error: (08/10/2014 07:24:49 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (08/10/2014 07:01:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
atapi
i8042prt

Error: (08/10/2014 06:08:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/10/2014 02:10:35 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\iaStor0

Error: (08/10/2014 10:19:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt

Error: (08/10/2014 10:19:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the N360 service.

Error: (08/10/2014 10:19:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the N360 service.


Microsoft Office Sessions:
=========================
Error: (02/11/2012 02:53:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1028 seconds with 1020 seconds of active time.  This session ended with a crash.

Error: (01/22/2011 10:16:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30333 seconds with 1080 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 3567.21 MB
Available physical RAM: 2714.68 MB
Total Pagefile: 5448.3 MB
Available Pagefile: 4285.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:453.3 GB) (Free:395.14 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive j: (HP_RECOVERY) (Fixed) (Total:12.46 GB) (Free:2.63 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3B2B3B2B)
Partition 1: (Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 11.08.2014, 09:30   #4
M-K-D-B
/// TB-Ausbilder
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry



Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UpdateMyDrivers] => C:\Program Files\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
Reboot:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.





Schritt 4
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :regfind
    globalUpdate
    RegClean
    SmartTweak
    Internet Speed Checker
    SoftwareUpdater
    FixMyRegistry
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck,
  • die Logdatei von SystemLook.

Alt 11.08.2014, 13:51   #5
trokj
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry



Hallo Mathias, ich habe die 4 Schritte ausgführt, anbei die 4 Log-files:

Fixlog
Zitat
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:10-08-2014 01
Ran by Administrator at 2014-08-11 11:10:08 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UpdateMyDrivers] => C:\Program Files\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
Reboot:
end

*****************

HKU\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateMyDrivers => value deleted successfully.


The system needed a reboot. 

==== End of Fixlog ====
         
ESET
Zitat
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5b9314aea858714c95e847b33925231e
# engine=19596
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-11 10:54:06
# local_time=2014-08-11 12:54:06 (+0100, W. Europe Daylight Time)
# country="Switzerland"
# lang=1031
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 86 86760156 171122741 0 0
# scanned=88650
# found=40
# cleaned=0
# scan_time=3282
sh=5657DFACD2609DFB4FB376ABB2C6E798C5D385C7 ft=1 fh=3db1547b0ac5e8dc vn="Variante von Win32/Toolbar.CrossRider.AG evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\554c9551-b337-43c8-ab01-4f36dcfd520a.exe.vir"
sh=88C24F5C7636DCBA515835D67E7C8616851ED5E9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\5e5d09b0-ce83-4e3c-9b2c-6b02c95e8e5a.crx.vir"
sh=4DB13C833CA5AA2696A1F6D93245A3304B49806D ft=1 fh=e0d02f20612ea76c vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.exe.vir"
sh=AFD1C1B776ECAFC587BC417090C1319650C2B692 ft=1 fh=1d517e1a4634e738 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.exe.vir"
sh=286214A6B25675ED6B7296C9F43850647987BCC9 ft=1 fh=4dc0c1bbbea16baa vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.exe.vir"
sh=D3D971E7E4AA17477D22522829A120B2763CE848 ft=1 fh=0669b4173f70328a vn="Variante von Win32/Toolbar.CrossRider.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.exe.vir"
sh=DFD473210F3CEDA728D558ACC0EA53579A7AC354 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3.crx.vir"
sh=D84A35D2D5CC6BE967BE7C9B5C296640CFD99261 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3.xpi.vir"
sh=7735F999776ECD00DD1FB45B7ACE9878F9058B76 ft=1 fh=1d24a3ad778ed453 vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\Internet Speed Checker-bg.exe.vir"
sh=E432AEFC72CCF83A2C1E5BF6658A8671B712414F ft=1 fh=c990e3a29e0e57cb vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\Internet Speed Checker-bho.dll.vir"
sh=64638C06B506D1444A53878920B1DBB06888CEC2 ft=1 fh=980aa30758784c94 vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\Internet Speed Checker-buttonutil.dll.vir"
sh=4FEAB6AD479250FD611E0A892BB2B9BEA8BB82B3 ft=1 fh=e543a0dcda004c83 vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\Internet Speed Checker-buttonutil.exe.vir"
sh=3A6DBF584AB5DFD90E03F41980877B944D7AD25A ft=1 fh=fc984c298447d04d vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Internet Speed Checker\Internet Speed Checker-codedownloader.exe.vir"
sh=E66AF81ECF344320AB33D9493D99012502B6D7A8 ft=1 fh=0e2d42d0e1be0954 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\LPT\sppsm.dll.vir"
sh=B3E80BD7D9A417D3EFF3AD0ED2CCBDCDC5DF5846 ft=1 fh=bb4ab7dbed606f52 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\LPT\spusm.dll.vir"
sh=746835BAEE6A44D212525520BD9E4D2D662FA560 ft=1 fh=7a6773966e668ece vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\LPT\srbu.dll.vir"
sh=7CF3E5831311D8BC468B709379BF0112E8745CDA ft=1 fh=37b232fbf48f85a1 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\LPT\srptc.dll.vir"
sh=8F09720095821ACA3C4ABD9794AEBED18B01DC0E ft=1 fh=8a7157444494089b vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\Desktop\USB-Stick\registrybooster.exe"
sh=CBAB031B3935A09A20845C238EC54F5475D6A89B ft=1 fh=f86cce18bc0d2819 vn="Variante von Win32/SlowPCfighter evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\Desktop\USB-Stick\RegistryReviverSetup.exe"
sh=EE611FF711A1DCFD4B9E41686FE741292DFC39A2 ft=1 fh=c10e7aca31bdd62d vn="Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe"
sh=B797EF195F46438DE86724489D47673EB667DC9C ft=1 fh=e3f3fedfd968b4f0 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\24SMAV65\pcspeedup20140716[1].exe"
sh=7A1A9E1B6AD0D793C748242B3E133D28F2EA4CAE ft=1 fh=3e339cab813d40b8 vn="Variante von Win32/Injector.BIZV Trojaner" ac=I fn="C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3CNBN39U\shopop2220714[1].exe"
sh=8F09720095821ACA3C4ABD9794AEBED18B01DC0E ft=1 fh=8a7157444494089b vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\registrybooster.exe"
sh=CBAB031B3935A09A20845C238EC54F5475D6A89B ft=1 fh=f86cce18bc0d2819 vn="Variante von Win32/SlowPCfighter evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\RegistryReviverSetup.exe"
sh=1AB152E190D9FA506D4D33D2D135ED3C65BA1646 ft=1 fh=9795cc6be88add21 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\My Documents\07_IT\isobuste mir2\isobuster_all_lang.exe"
sh=1AB152E190D9FA506D4D33D2D135ED3C65BA1646 ft=1 fh=9795cc6be88add21 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\My Documents\07_IT\isobuster\isobuster_all_lang.exe"
sh=A62D023D15D1917BDD5002889CC279E4656D92AF ft=1 fh=b49072af51c4fd6a vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\Administrator\My Documents\07_IT\WinZip\WinZip175.exe"
sh=CB3ED72F9D324697088278234D4F22EB22BCD4DB ft=1 fh=f4be94f94f707b78 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\dl-openfreely-base.exe"
sh=8F09720095821ACA3C4ABD9794AEBED18B01DC0E ft=1 fh=8a7157444494089b vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\registrybooster.exe"
sh=CBAB031B3935A09A20845C238EC54F5475D6A89B ft=1 fh=f86cce18bc0d2819 vn="Variante von Win32/SlowPCfighter evtl. unerwünschte Anwendung" ac=I fn="C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\RegistryReviverSetup.exe"
sh=33E40582F857704C66794A3701919FD4D21D37CD ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\91f6ea.msi"
sh=792732B910B853401144DDFDB5F09F4601BD9B10 ft=1 fh=09c096f08a58a634 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI4C.tmp-\sppsm.dll"
sh=9B5CB9BFC61A4C1BE410AA408BB62929957F3695 ft=1 fh=1a8afe5751a30e18 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI4C.tmp-\spusm.dll"
sh=AB3AC22814E5AA28E986740EA275D1F9A366E8FD ft=1 fh=cfb93842f7d63e02 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI4C.tmp-\srptc.dll"
sh=792732B910B853401144DDFDB5F09F4601BD9B10 ft=1 fh=09c096f08a58a634 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI5A.tmp-\sppsm.dll"
sh=9B5CB9BFC61A4C1BE410AA408BB62929957F3695 ft=1 fh=1a8afe5751a30e18 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI5A.tmp-\spusm.dll"
sh=7380520125D289909CA398AE401AA6D5676F81D5 ft=1 fh=e94db147b021709c vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI5A.tmp-\srbs.dll"
sh=36AD796C52A4FD2DE77D58C627C615CAA74483E7 ft=1 fh=33a5280913389ab9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI5A.tmp-\srbu.dll"
sh=AB3AC22814E5AA28E986740EA275D1F9A366E8FD ft=1 fh=cfb93842f7d63e02 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI5A.tmp-\srptc.dll"
sh=AB3AC22814E5AA28E986740EA275D1F9A366E8FD ft=1 fh=cfb93842f7d63e02 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\WINDOWS\Installer\MSI75.tmp-\srptc.dll"
         

SecurityCheck
Zitat
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.86  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
Please wait while WMIC is being installed.d 
i 
s 
p 
l 
a 
y 
N 
a 
m 
e 
ECHO is off.
N 
o 
r 
t 
o 
n 
ECHO is off.
3 
6 
0 
ECHO is off.
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Windows Driver Package - Datacolor (Spyder3) USB  (09/10/2007 1.0.0.3) 
 Windows Driver Package - ColorVision Inc (Spyder) USB  (08/07/2006 1.0.0.2) 
 Microsoft VM for Java  
 Java(TM) 6 Update 13  
 Java version out of Date! 
 Adobe Reader 10.1.10 Adobe Reader out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:: 22% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
         

SystemLook
Zitat
Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 13:14 on 11/08/2014 by Administrator
Administrator - Elevation successful

========== regfind ==========

Searching for "globalUpdate"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}\InprocServer32]
@="C:\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\globalUpdate\Update\GoogleUpdate.exe"="globalUpdate Update"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\globalUpdate\Update\GoogleUpdate.exe"="globalUpdate Update"

Searching for "RegClean"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{934FDD8D-9B5B-4f69-975C-36325AAE8A0D}]
@="N360 RegClean Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{934FDD8D-9B5B-4f69-975C-36325AAE8A0D}\ProgID]
@="RegClean.N360.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{934FDD8D-9B5B-4f69-975C-36325AAE8A0D}\VersionIndependentProgID]
@="RegClean.N360"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RegClean.N360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RegClean.N360]
@="N360 RegClean Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RegClean.N360\CurVer]
@="RegClean.N360.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RegClean.N360.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RegClean.N360.1]
@="N360 RegClean Class"

Searching for "SmartTweak"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\SmartTweak Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe]
@="C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\SmartTweak Software]

Searching for "Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C182AF0-6856-4A50-8840-18D9C3B8D872}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{200335FD-575A-4F55-AC76-9E200E165F}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253dd070-b470-4e2c-bb34-5592f2b62c62}]
"AppName"="Internet Speed Checker-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253dd070-b470-4e2c-bb34-5592f2b62c62}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F4E485A-EA28-4ED2-948F-3F5C699BEF}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2feb16ce-9e76-47e5-be44-3226a38edec5}]
"AppName"="Internet Speed Checker-bg.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2feb16ce-9e76-47e5-be44-3226a38edec5}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B2D421E-9F88-44D0-A418-C090D6ABF52}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C1A7D10-8974-4C21-98DA-DDC18CCFF661}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{562E1F45-DDB6-447A-9014-B5C9911F7CD6}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BC98194-D74F-4040-998-AB3818F4E047}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C2B785D-64D6-4EC1-BBA-6D67EEADF76}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67C5D81A-E2FF-419C-B23-F4ACED258286}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DA4A13E-BA40-4241-8D58-67DACE12808F}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6e4edcae-bafe-4568-9b7c-78adabdfad2c}]
"AppName"="Internet Speed Checker-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6e4edcae-bafe-4568-9b7c-78adabdfad2c}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{712EFD6B-6297-420C-AFEB-EC3BBAA7D220}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74FF81D9-85DA-4214-BF12-C9755B7EBA9B}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D4B8D43-46F6-4AF8-8A1C-5C4BC63F4D46}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85945377-DE01-45EC-AAB5-A2A3B84699C8}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89433F79-2573-4DD8-944C-B4EC612335FB}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ECBD320-BB0C-478D-98AF-22FADFC2D5F9}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A44ED76F-4776-4B87-9444-5F22CE38969A}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2B9D429-DCD8-4025-B2FD-A6C3FF2533C4}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C545AC67-AD0C-42B3-B7B8-4DABE6EF8F11}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2DC942A-5EAA-47F0-8EF8-16569B9565}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB43E8E5-3735-4C4C-9847-5EA174D4CC60}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB2868A1-12D3-47FF-8160-3A70DE5FD7A}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F21E11BB-3973-4F55-8BC3-440C8A78CF0}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD5E0AE0-7621-4E92-BFE3-6472894A4E2E}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}\1.0\0\win32]
@="C:\Program Files\Internet Speed Checker\Internet Speed Checker-bho.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}\1.0\HELPDIR]
@="C:\Program Files\Internet Speed Checker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253dd070-b470-4e2c-bb34-5592f2b62c62}]
"AppName"="Internet Speed Checker-buttonutil.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253dd070-b470-4e2c-bb34-5592f2b62c62}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2feb16ce-9e76-47e5-be44-3226a38edec5}]
"AppName"="Internet Speed Checker-bg.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2feb16ce-9e76-47e5-be44-3226a38edec5}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6e4edcae-bafe-4568-9b7c-78adabdfad2c}]
"AppName"="Internet Speed Checker-codedownloader.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6e4edcae-bafe-4568-9b7c-78adabdfad2c}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C182AF0-6856-4A50-8840-18D9C3B8D872}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{200335FD-575A-4F55-AC76-9E200E165F}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253dd070-b470-4e2c-bb34-5592f2b62c62}]
"AppName"="Internet Speed Checker-buttonutil.exe"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{253dd070-b470-4e2c-bb34-5592f2b62c62}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F4E485A-EA28-4ED2-948F-3F5C699BEF}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2feb16ce-9e76-47e5-be44-3226a38edec5}]
"AppName"="Internet Speed Checker-bg.exe"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2feb16ce-9e76-47e5-be44-3226a38edec5}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B2D421E-9F88-44D0-A418-C090D6ABF52}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C1A7D10-8974-4C21-98DA-DDC18CCFF661}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{562E1F45-DDB6-447A-9014-B5C9911F7CD6}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BC98194-D74F-4040-998-AB3818F4E047}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C2B785D-64D6-4EC1-BBA-6D67EEADF76}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67C5D81A-E2FF-419C-B23-F4ACED258286}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DA4A13E-BA40-4241-8D58-67DACE12808F}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6e4edcae-bafe-4568-9b7c-78adabdfad2c}]
"AppName"="Internet Speed Checker-codedownloader.exe"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6e4edcae-bafe-4568-9b7c-78adabdfad2c}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{712EFD6B-6297-420C-AFEB-EC3BBAA7D220}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74FF81D9-85DA-4214-BF12-C9755B7EBA9B}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D4B8D43-46F6-4AF8-8A1C-5C4BC63F4D46}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85945377-DE01-45EC-AAB5-A2A3B84699C8}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89433F79-2573-4DD8-944C-B4EC612335FB}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ECBD320-BB0C-478D-98AF-22FADFC2D5F9}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A44ED76F-4776-4B87-9444-5F22CE38969A}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2B9D429-DCD8-4025-B2FD-A6C3FF2533C4}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C545AC67-AD0C-42B3-B7B8-4DABE6EF8F11}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2DC942A-5EAA-47F0-8EF8-16569B9565}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB43E8E5-3735-4C4C-9847-5EA174D4CC60}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB2868A1-12D3-47FF-8160-3A70DE5FD7A}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F21E11BB-3973-4F55-8BC3-440C8A78CF0}]
"AppPath"="C:\Program Files\Internet Speed Checker"
[HKEY_USERS\S-1-5-21-965756728-169831054-4282204201-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD5E0AE0-7621-4E92-BFE3-6472894A4E2E}]
"AppPath"="C:\Program Files\Internet Speed Checker"

Searching for "SoftwareUpdater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\SoftwareUpdater\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\50842306D3AC99249B064E424DFD87BA\Features]
"SoftwareUpdater"="ProductFeature"

Searching for "FixMyRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe]
@="C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe"

Searching for "         "
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\3]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\4]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\5]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\6]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\7]
"ProcessorNameString"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList]
"SanDiskIMb"="E-USB Fl;ash             ;    "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_0]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_1]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_2]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_3]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_4]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_5]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_6]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_7]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB)              SAMSUNG WNR-31601A (1.6GB)               IBM-DTCA-24090                          TC6OAA2A IBM-DTCA-24090                          TC6IAA2A IBM-DPLA-25120                          PL8OAA2A IBM-DPLA-25120                          PL8IAA2A IBM-DPLA-25120                          PL8IAA4A IBM-DTCA-23240                          TC5OAA2A IBM-DTCA-23240                          TC5IAA2A IBM-DPLA-24480                          PL7OAA2A IBM-DPLA-24480                          PL7IAA2A"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"NoFlushDevice"="QUANTUM_LPS525A                          SCR-730                                 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"PioOnlyDevice"="    Conner Peripherals 425MB - CFS425A   MATSHITA CR-581                          FX600S                                   CD-44E                                   QUANTUM TRB850A                          QUANTUM MARVERICK 540A                    MAXTOR MXT-540  AT                      Maxtor 71260 AT                          Maxtor 7850 AV                           Maxtor 7540 AV                           Maxtor 7213 AT                           Maxtor 7345                              Maxtor 7245 AT                           Maxtor 7245                              Maxtor 7211AU                            Maxtor 7171 AT                           CD-316E                                  SAMSUNG_SCR-2430 CR-2801TE"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"NonRemovableMedia"="Kingston Technology DataPak 340          SunDisk SDP5A-10                         SunDisk SDCFB-10                         SunDisk SDP3B-20                         SunDisk SDP3B-175                        SunDisk SDP5-2.5                         Calluna Technology CT260MC               BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1       ATA_FLASH  Mitsubishi ATA Card  LEXAR ATA_FLASH Micron MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK MEMORYSTICK   8M  8K"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"NoPowerDownDevice"="RD-DRC001-M                              CS-R37 0                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"AutoEjectZipDevice"="IOMEGA  ZIP 100       ATAPI             23.D     IOMEGA  ZIP 100       ATAPI             21.D     IOMEGA  ZIP 100       ATAPI             20.D     IOMEGA  ZIP 100       ATAPI             91.D     IOMEGA  ZIP 100                         B.29     IOMEGA  ZIP 100                         B.22    "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_0]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_1]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_2]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_3]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_4]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_5]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_6]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_7]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB)              SAMSUNG WNR-31601A (1.6GB)               IBM-DTCA-24090                          TC6OAA2A IBM-DTCA-24090                          TC6IAA2A IBM-DPLA-25120                          PL8OAA2A IBM-DPLA-25120                          PL8IAA2A IBM-DPLA-25120                          PL8IAA4A IBM-DTCA-23240                          TC5OAA2A IBM-DTCA-23240                          TC5IAA2A IBM-DPLA-24480                          PL7OAA2A IBM-DPLA-24480                          PL7IAA2A"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"NoFlushDevice"="QUANTUM_LPS525A                          SCR-730                                 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"PioOnlyDevice"="    Conner Peripherals 425MB - CFS425A   MATSHITA CR-581                          FX600S                                   CD-44E                                   QUANTUM TRB850A                          QUANTUM MARVERICK 540A                    MAXTOR MXT-540  AT                      Maxtor 71260 AT                          Maxtor 7850 AV                           Maxtor 7540 AV                           Maxtor 7213 AT                           Maxtor 7345                              Maxtor 7245 AT                           Maxtor 7245                              Maxtor 7211AU                            Maxtor 7171 AT                           CD-316E                                  SAMSUNG_SCR-2430 CR-2801TE"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"NonRemovableMedia"="Kingston Technology DataPak 340          SunDisk SDP5A-10                         SunDisk SDCFB-10                         SunDisk SDP3B-20                         SunDisk SDP3B-175                        SunDisk SDP5-2.5                         Calluna Technology CT260MC               BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1       ATA_FLASH  Mitsubishi ATA Card  LEXAR ATA_FLASH Micron MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK MEMORYSTICK   8M  8K"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"NoPowerDownDevice"="RD-DRC001-M                              CS-R37 0                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"AutoEjectZipDevice"="IOMEGA  ZIP 100       ATAPI             23.D     IOMEGA  ZIP 100       ATAPI             21.D     IOMEGA  ZIP 100       ATAPI             20.D     IOMEGA  ZIP 100       ATAPI             91.D     IOMEGA  ZIP 100                         B.29     IOMEGA  ZIP 100                         B.22    "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_0]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_1]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_2]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_3]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_4]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_5]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_6]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_26\_7]
"FriendlyName"="Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB)              SAMSUNG WNR-31601A (1.6GB)               IBM-DTCA-24090                          TC6OAA2A IBM-DTCA-24090                          TC6IAA2A IBM-DPLA-25120                          PL8OAA2A IBM-DPLA-25120                          PL8IAA2A IBM-DPLA-25120                          PL8IAA4A IBM-DTCA-23240                          TC5OAA2A IBM-DTCA-23240                          TC5IAA2A IBM-DPLA-24480                          PL7OAA2A IBM-DPLA-24480                          PL7IAA2A"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"NoFlushDevice"="QUANTUM_LPS525A                          SCR-730                                 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"PioOnlyDevice"="    Conner Peripherals 425MB - CFS425A   MATSHITA CR-581                          FX600S                                   CD-44E                                   QUANTUM TRB850A                          QUANTUM MARVERICK 540A                    MAXTOR MXT-540  AT                      Maxtor 71260 AT                          Maxtor 7850 AV                           Maxtor 7540 AV                           Maxtor 7213 AT                           Maxtor 7345                              Maxtor 7245 AT                           Maxtor 7245                              Maxtor 7211AU                            Maxtor 7171 AT                           CD-316E                                  SAMSUNG_SCR-2430 CR-2801TE"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"NonRemovableMedia"="Kingston Technology DataPak 340          SunDisk SDP5A-10                         SunDisk SDCFB-10                         SunDisk SDP3B-20                         SunDisk SDP3B-175                        SunDisk SDP5-2.5                         Calluna Technology CT260MC               BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1       ATA_FLASH  Mitsubishi ATA Card  LEXAR ATA_FLASH Micron MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK MEMORYSTICK   8M  8K"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"NoPowerDownDevice"="RD-DRC001-M                              CS-R37 0                                "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"AutoEjectZipDevice"="IOMEGA  ZIP 100       ATAPI             23.D     IOMEGA  ZIP 100       ATAPI             21.D     IOMEGA  ZIP 100       ATAPI             20.D     IOMEGA  ZIP 100       ATAPI             91.D     IOMEGA  ZIP 100                         B.29     IOMEGA  ZIP 100                         B.22    "

-= EOF =-
         


Alt 11.08.2014, 16:03   #6
M-K-D-B
/// TB-Ausbilder
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry



Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
C:\Documents and Settings\Administrator\Desktop\USB-Stick\registrybooster.exe
C:\Documents and Settings\Administrator\Desktop\USB-Stick\RegistryReviverSetup.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\registrybooster.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\RegistryReviverSetup.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\isobuste mir2\isobuster_all_lang.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\isobuster\isobuster_all_lang.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\WinZip\WinZip175.exe
C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\dl-openfreely-base.exe
C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\registrybooster.exe
C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\RegistryReviverSetup.exe
C:\WINDOWS\Installer\91f6ea.msi
C:\WINDOWS\Installer\MSI4C.tmp-
C:\WINDOWS\Installer\MSI5A.tmp-
C:\WINDOWS\Installer\MSI75.tmp-
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\SmartTweak Software
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Lesestoff:
Windows XP

Auf deinem Rechner läuft noch Windows XP. Microsoft hat dieses Betriebssystem bereits 2001 veröffentlicht und stellt den Support endgültig ab April 2014 ein, d.h. ab Mai 2014 gibt es keine weiteren Updates mehr und danach gefundene Lücken werden nicht mehr durch Updates/Hotfixes geschlossen werden können.

Mit Windows XP nach April 2014 zu surfen wird damit ein großes Sicherheitsrisiko. Du solltest dir jetzt unbedingt Gedanken machen, möglichst schnell auf ein aktuelleres Betriebssystem umzusteigen.








Außerdem bitte noch die folgenden Schritte durchführen:
PC wird immer langsamer - was tun?






Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.




Schritt 1
Du verwendest veraltete Software auf deinem Rechner, was ein Sicherheitsrisiko darstellt. Daher solltest du veraltete Software deinstallieren und anschließend die aktuellste Version installieren.
Folge dem Pfad Start > Systemsteuerung > Sofware / Programme deinstallieren.
Deinstalliere die folgenden Programme von deinem Rechner:
  • Java(TM) 6 Update 13
Starte deinen Rechner nach der Deinstallation neu auf.
Downloade und installiere dir bitte nun:Starte deinen Rechner nach der Installation neu auf.





Schritt 2
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.







Schritt 3
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.


Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti-Viren-Programm und zusätzlicher Schutz
  • Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist! Ein kostenloses Anti-Viren Programm, das wir empfehlen, wäre z. B. Avast! Free Antivirus oder Microsoft Security Essentials.
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt. Du kannst es zusätzlich zu deinem Anti-Viren Programm verwenden.
    Update das Tool und lasse es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • AdwCleaner
    Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwünschten Programmen (PUPs).
    Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt von der Herstellerseite auf den Desktop herunterladen. Auch dieses Programm kann parallel zu deinem Anti-Viren Programm verwendet werden.
  • SpywareBlaster
    Eine kurze Einführung findest du Hier


Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
    Es spart außerdem Downloadkapazität.


Performance
  • Halte dich fern von Registry Cleanern.
    Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
    Miekemoes Blogspot ( MVP )


Was du vermeiden solltest:
  • Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
  • Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..).
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
  • Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!



Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
--> Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry

Alt 13.08.2014, 12:26   #7
M-K-D-B
/// TB-Ausbilder
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry



Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Alt 15.08.2014, 01:05   #8
trokj
 
Windows XP:  Deinstallation von SpeedUpMyComputer / FixMyRegistry - Standard

Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry



Hallo Mathias,
ich habe den Schritt "Reste Entfernen" & 3 letzten Schritte durchgeführt. Komme wohl etwas spät mit meiner Antwort zurück -musste dringend 2 andere Themen abarbeiten. Sorry!

Bemerkung:
- habe FRST nochmals installiert, um ein FixLog-file zu erstellen, da DelFix das eigentl. FixLog glöscht hat.
- DelFix habe ich nochmals laufen lassen, um das FRST zu löschen.
((das tönt ziemlich blöde, aber ich will diesen Thread für mich & Kollegen aufbewahren, um zu zeigen, wie viel Arbeite drinne stecken um MalWare zu entfernen))

Bemerkung Schritt 3:
ich bin überaus dankbar für die Angaben bzgl. Anti-Viren-Progr. & zusätzl. Schutz & Performance, etc. Secunia-Online-SW werde ich auf den Win-XP installieren um zu schauen wie verwundbar der PC ist. Nächste Woche installiere ich Win 8.1 (Harddisk wird formatiert) und werde mir dann die empfohlenen Progr. installieren
--> LETZTE FRAGE: genügt mir Avast! oder Microsoft Security Essentials oder muss ich mir eines der bekannten VirenProgr. kaufen, Norton etc.?

...und nun ein riesen Dankeschön! Ich werde spenden. Ich glaube, ihr wisst nicht, welch gross Hilfe ihr den Leuten seit! Unglaublich! Ich bin oft im Internet unterwegs, solche Boards sind sehr selten! Überall wird man nur abgezogen -- v.a. wenn man etwas Zusatzinformationen haben will -- bzgl. Free-Ware &Hilfe ist "File Pony" ne echte Alternative! Vielen DANK!


Reste Entfernen
FixLog, mit FRST (nochmals installiert, nachdem DelFix das vorherige FixLog-file gelöscht hatte)
Zitat
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-08-2014 02
Ran by Administrator at 2014-08-15 00:40:28 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
C:\Documents and Settings\Administrator\Desktop\USB-Stick\registrybooster.exe
C:\Documents and Settings\Administrator\Desktop\USB-Stick\RegistryReviverSetup.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\registrybooster.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\RegistryReviverSetup.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\isobuste mir2\isobuster_all_lang.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\isobuster\isobuster_all_lang.exe
C:\Documents and Settings\Administrator\My Documents\07_IT\WinZip\WinZip175.exe
C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\dl-openfreely-base.exe
C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\registrybooster.exe
C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\RegistryReviverSetup.exe
C:\WINDOWS\Installer\91f6ea.msi
C:\WINDOWS\Installer\MSI4C.tmp-
C:\WINDOWS\Installer\MSI5A.tmp-
C:\WINDOWS\Installer\MSI75.tmp-
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\SmartTweak Software
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}
EmptyTemp:
end
     
*****************

"C:\Documents and Settings\Administrator\Desktop\USB-Stick\registrybooster.exe" => File/Directory not found.
"C:\Documents and Settings\Administrator\Desktop\USB-Stick\RegistryReviverSetup.exe" => File/Directory not found.
"C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe" => File/Directory not found.
"C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\registrybooster.exe" => File/Directory not found.
"C:\Documents and Settings\Administrator\My Documents\07_IT\DBX Opener outlook express\RegistryReviverSetup.exe" => File/Directory not found.
"C:\Documents and Settings\Administrator\My Documents\07_IT\isobuste mir2\isobuster_all_lang.exe" => File/Directory not found.
"C:\Documents and Settings\Administrator\My Documents\07_IT\isobuster\isobuster_all_lang.exe" => File/Directory not found.
"C:\Documents and Settings\Administrator\My Documents\07_IT\WinZip\WinZip175.exe" => File/Directory not found.
"C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\dl-openfreely-base.exe" => File/Directory not found.
"C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\registrybooster.exe" => File/Directory not found.
"C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT\DBX opener - outlook express\RegistryReviverSetup.exe" => File/Directory not found.
"C:\WINDOWS\Installer\91f6ea.msi" => File/Directory not found.
"C:\WINDOWS\Installer\MSI4C.tmp-" => File/Directory not found.
"C:\WINDOWS\Installer\MSI5A.tmp-" => File/Directory not found.
"C:\WINDOWS\Installer\MSI75.tmp-" => File/Directory not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A} => Key not found.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\SmartTweak Software => Key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe => Key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452} => Key not found.
EmptyTemp: => Removed 56 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         

Ursprüngliche DelFix-Log (weiter unten das zweite DelFix, steht viel weniger drinne)
Zitat
Code:
ATTFilter
# DelFix v10.8 - Logfile created 14/08/2014 at 18:31:36
# Updated 29/07/2014 by Xplode
# Username : Administrator - DEBRECEN
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\Administrator\Desktop\FRST-OlderVersion
Deleted : C:\Documents and Settings\Administrator\Desktop\Addition.txt
Deleted : C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R0].txt
Deleted : C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R1].txt
Deleted : C:\Documents and Settings\Administrator\Desktop\AdwCleaner[S0].txt
Deleted : C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
Deleted : C:\Documents and Settings\Administrator\Desktop\Defogger.exe
Deleted : C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
Deleted : C:\Documents and Settings\Administrator\Desktop\defogger_enable.log
Deleted : C:\Documents and Settings\Administrator\Desktop\esetsmartinstaller_deu.exe
Deleted : C:\Documents and Settings\Administrator\Desktop\Fixlog.txt
Deleted : C:\Documents and Settings\Administrator\Desktop\FRST.exe
Deleted : C:\Documents and Settings\Administrator\Desktop\FRST.txt
Deleted : C:\Documents and Settings\Administrator\Desktop\log ESET.txt
Deleted : C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
Deleted : C:\Documents and Settings\Administrator\Desktop\SystemLook.exe
Deleted : C:\Documents and Settings\Administrator\Desktop\SystemLook.txt
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #130 [System Checkpoint | 05/29/2014 21:20:42]
Deleted : RP #131 [Software Distribution Service 3.0 | 05/29/2014 22:11:42]
Deleted : RP #132 [Software Distribution Service 3.0 | 06/11/2014 20:07:54]
Deleted : RP #133 [Software Distribution Service 3.0 | 07/11/2014 19:00:16]
Deleted : RP #134 [System Checkpoint | 08/01/2014 04:48:51]
Deleted : RP #135 [Removed HP Performance Tuning Framework | 08/01/2014 13:53:01]
Deleted : RP #136 [Installed HP Performance Tuning Framework | 08/01/2014 13:53:07]
Deleted : RP #137 [Installed HP Performance Advisor | 08/01/2014 14:12:14]
Deleted : RP #138 [System Checkpoint | 08/03/2014 18:56:49]
Deleted : RP #139 [System Checkpoint | 08/05/2014 23:13:13]
Deleted : RP #140 [System Checkpoint | 08/07/2014 17:34:59]
Deleted : RP #141 [System Checkpoint | 08/08/2014 18:09:39]
Deleted : RP #142 [System Checkpoint | 08/09/2014 21:12:29]
Deleted : RP #143 [Removed ATI Catalyst Control Center | 08/10/2014 00:15:15]
Deleted : RP #144 [Free Driver Scout | 08/10/2014 03:02:34]
Deleted : RP #145 [Free Driver Scout | 08/10/2014 03:05:38]
Deleted : RP #146 [Removed Shopop | 08/10/2014 03:39:40]
Deleted : RP #147 [Removed Microsoft Silverlight | 08/10/2014 04:16:13]
Deleted : RP #148 [System Checkpoint | 08/11/2014 11:32:39]
Deleted : RP #149 [System Checkpoint | 08/12/2014 11:44:35]
Deleted : RP #150 [Removed Java(TM) 6 Update 13 | 08/14/2014 15:27:44]
Deleted : RP #151 [Removed Java(TM) 6 Update 13 | 08/14/2014 16:12:40]
Deleted : RP #152 [Installed Java 7 Update 67 | 08/14/2014 16:17:26]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
         
Zweites DelFix-Log (nochmals laufen gelassen, nachdem alles gelöscht wurde durch DelFix)
Zitat
Code:
ATTFilter
# DelFix v10.8 - Logfile created 15/08/2014 at 01:06:37
# Updated 29/07/2014 by Xplode
# Username : Administrator - DEBRECEN
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...


~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #130 [System Checkpoint | 08/14/2014 23:01:13]
Deleted : RP #131 [Software Distribution Service 3.0 | 08/14/2014 23:01:13]
Deleted : RP #132 [Software Distribution Service 3.0 | 08/14/2014 23:01:14]
Deleted : RP #133 [Software Distribution Service 3.0 | 08/14/2014 23:01:14]
Deleted : RP #134 [System Checkpoint | 08/14/2014 23:01:14]
Deleted : RP #135 [Removed HP Performance Tuning Framework | 08/14/2014 23:01:14]
Deleted : RP #136 [Installed HP Performance Tuning Framework | 08/14/2014 23:01:14]
Deleted : RP #137 [Installed HP Performance Advisor | 08/14/2014 23:01:14]
Deleted : RP #138 [System Checkpoint | 08/14/2014 23:01:14]
Deleted : RP #139 [System Checkpoint | 08/14/2014 23:01:14]
Deleted : RP #140 [System Checkpoint | 08/14/2014 23:01:14]
Deleted : RP #141 [System Checkpoint | 08/14/2014 23:01:14]
Deleted : RP #142 [System Checkpoint | 08/14/2014 23:01:14]
Deleted : RP #143 [Removed ATI Catalyst Control Center | 08/14/2014 23:01:14]
Deleted : RP #144 [Free Driver Scout | 08/14/2014 23:01:15]
Deleted : RP #145 [Free Driver Scout | 08/14/2014 23:01:15]
Deleted : RP #146 [Removed Shopop | 08/14/2014 23:01:15]
Deleted : RP #147 [Removed Microsoft Silverlight | 08/14/2014 23:01:15]
Deleted : RP #148 [System Checkpoint | 08/14/2014 23:01:15]
Deleted : RP #149 [System Checkpoint | 08/14/2014 23:01:15]
Deleted : RP #150 [Removed Java(TM) 6 Update 13 | 08/14/2014 23:01:15]
Deleted : RP #151 [Removed Java(TM) 6 Update 13 | 08/14/2014 23:01:15]
Deleted : RP #152 [Installed Java 7 Update 67 | 08/14/2014 23:01:15]
Deleted : RP #153 [End of disinfection | 08/14/2014 23:01:16]
Deleted : RP #154 [End of disinfection | 08/14/2014 23:01:19]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
         

Antwort

Themen zu Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry
branding, checkliste, clean up registry, flash player, fontcache, js/toolbar.crossrider.b, msil/toolbar.linkury.f, msil/toolbar.linkury.g, pup.optional.conduit.a, pup.optional.focusbase.a, pup.optional.globalupdate.a, pup.optional.outbrowse, pup.optional.searchprotect.a, pup.optional.smartbar, sich automatisch, software, speedchecker, speedupmycomputer / fixmyregistry, win32/injector.bizv, win32/installiq.a, win32/smartfileadvisor.a, win32/speedchecker.a, win32/toolbar.conduit.s, win32/toolbar.crossrider.aa, win32/toolbar.crossrider.af, win32/toolbar.crossrider.ag, win32/toolbar.crossrider.ah, win32/toolbar.crossrider.aj, win32/toolbar.crossrider.ak, win32/toolbar.crossrider.al



Ähnliche Themen: Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry


  1. Deinstallation von PC Performer
    Plagegeister aller Art und deren Bekämpfung - 08.01.2015 (18)
  2. Windows 7 (64bit) Probleme bei Foxit Reader Deinstallation. Trojaner?
    Log-Analyse und Auswertung - 22.10.2014 (1)
  3. Beim Treiber Update "wiederspenstige" Software eingefangen. "SpeedUpMyComputer"
    Plagegeister aller Art und deren Bekämpfung - 27.05.2014 (3)
  4. WIN7 / Deinstallation von SpeedUpMyComputer / FixMyRegistry
    Plagegeister aller Art und deren Bekämpfung - 11.05.2014 (7)
  5. SpeedUpMyComputer / FixMyRegistry --> lassen sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 12.02.2014 (10)
  6. HILFE ERBETEN korrekte Deinstallation Avira Premium und INSTALLION+KoNFIGURATION AVAST windows 32 xp
    Antiviren-, Firewall- und andere Schutzprogramme - 26.01.2014 (20)
  7. SpeedupmyComputer.exe und Registryfix.exe
    Plagegeister aller Art und deren Bekämpfung - 10.01.2014 (3)
  8. Programme installieren sich von alleine (speedupmycomputer, fixmyregistry)
    Plagegeister aller Art und deren Bekämpfung - 05.12.2013 (17)
  9. Iminent auf Windows 7 unerklärlich installiert. Deinstallation nicht möglich...
    Log-Analyse und Auswertung - 28.10.2013 (13)
  10. Windows 7 , 64 bit: Restlose Deinstallation von SpyHunter4 nicht möglich
    Log-Analyse und Auswertung - 16.09.2013 (11)
  11. Probleme mit der windows registry (windows 7) bei der Deinstallation von Software.
    Alles rund um Windows - 13.08.2013 (15)
  12. Problem mit Windows Installer / Deinstallation und Installation funktioniert nicht
    Alles rund um Windows - 29.01.2011 (9)
  13. ZoneAlarm Deinstallation
    Diskussionsforum - 01.06.2010 (1)
  14. Windows startet nicht nach Linux deinstallation
    Alles rund um Windows - 28.01.2009 (9)
  15. AVG Deinstallation
    Antiviren-, Firewall- und andere Schutzprogramme - 20.12.2008 (5)
  16. Windows Startet nach Linux-"Deinstallation" nicht mehr
    Alles rund um Mac OSX & Linux - 03.04.2008 (1)
  17. MS-DOS-Modus und deinstallation von windows xp sowie Installation von windos 89
    Alles rund um Windows - 27.04.2005 (10)

Zum Thema Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry - Hallo zusammen, Habe mir bei der Suche nach Treibern "SpeedUpMyComputer / FixMyRegistry" runtergeladen und installiert. Nun habe ich versucht die Programme zu löschen aber es geht leider nicht. Wenn ich - Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry...
Archiv
Du betrachtest: Windows XP: Deinstallation von SpeedUpMyComputer / FixMyRegistry auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.