Log analysis and evaluation: Windows XP: Uninstalling SpeedUpMyComputer / FixMyRegistry

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows XP: Uninstalling SpeedUpMyComputer / FixMyRegistry

Hello everyone,

While searching for drivers, I downloaded and installed "SpeedUpMyComputer / FixMyRegistry". Now I have tried to delete the programs, but unfortunately it does not work. When I uninstall SpeedUpMyComputer, FixMyRegistry installs itself automatically, and when I uninstall FixMyRegistry, SpeedUpMyComputer installs itself automatically.

----------

I came straight to this board, so I have not made any attempts of my own, because my Norton virus scanner has been switched off for some time (subscription not renewed). I carried out the preparation steps for the help request as described in the checklist; the log file texts are attached below.

Note: I am going to upgrade my operating system from Win XP to Win 8.1. However, I have to migrate the existing files, which are now infected with this malware. So I cannot simply format the hard disk.

Please help.
Many thanks in advance

FRST

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:9-08-2014 01
Ran by Administrator (administrator) on DEBRECEN on 10-08-2014 08:00:57
Running from C:\Documents and Settings\Administrator\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\Program Files\LPT\srpts.exe
(Speedchecker) C:\Program Files\Internet Speed Checker\554c9551-b337-43c8-ab01-4f36dcfd520a.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ColorNavigator\ColorNavigatorAgent.exe
() C:\WINDOWS\SMINST\Scheduler.exe
() C:\Program Files\LPT\srptsl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\LPT\srptm.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\UniColor Pro\ucpro.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(TomTom) C:\Program Files\TomTom HOME 2\HOMERunner.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ScreenSlicer\ESCSlicer.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\WINDOWS\system32\MDM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Speedchecker) C:\Program Files\Internet Speed Checker\Internet Speed Checker-bg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UnoColor Pro] => C:\Program Files\EIZO\UniColor Pro\ucpro.exe [2712872 2009-04-10] (EIZO NANAO CORPORATION)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\HOMERunner.exe [202088 2008-05-06] (TomTom)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [RegistryBooster] => "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734312 2014-07-30] (Google)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UpdateMyDrivers] => C:\Program Files\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [SpeedUpMyComputer] => C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [FixMyRegistry] => C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe [1886840 2014-05-26] ()
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\MountPoints2: {2f3e41f9-a9a0-11df-87ef-002481ed8efc} - L:\InstallTomTomHOME.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO EasyPIX.lnk
ShortcutTarget: EIZO EasyPIX.lnk -> C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe (EIZO NANAO CORPORATION)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO ScreenSlicer.lnk
ShortcutTarget: EIZO ScreenSlicer.lnk -> C:\WINDOWS\Installer\{292A177D-723F-4537-9985-BC8BFCD8B63D}\ESCSlicer.exe1_87A06423E78E426E924121140A36B659.exe (Macrovision Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=55&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ch&c=91&bd=all&pf=cmws
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=58&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=58&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&q={searchTerms}&SSPV=
BHO: Internet Speed Checker -> {11111111-1111-1111-1111-110611171152} -> C:\Program Files\Internet Speed Checker\Internet Speed Checker-bho.dll (Speedchecker)
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\4.4.0.12\IPSBHO.DLL (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256340086406
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-24]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn
FF Extension: Norton IPS - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn [2011-01-25]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6 [2014-08-10]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [114688 2008-09-24] (Broadcom Corporation) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-10] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-10] (globalUpdate) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-10-23] (Sun Microsystems, Inc.)
R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [32776 2014-07-21] ()
R2 N360; C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [364544 2006-06-13] (SoftThinks) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [623640 2009-02-06] (PDF Complete Inc)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-09] (Adaptec, Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [100368 2011-08-08] (Advanced Micro Devices)
R2 BASFND; C:\Program Files\Broadcom\MgmtAgent\BASFND.sys [10480 2008-12-04] (Broadcom Corporation) [File not signed]
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20120823.005\BHDrvx86.sys [995488 2012-08-23] (Symantec Corporation)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [89600 2008-10-29] (Broadcom Corporation) [File not signed]
R1 ccHP; C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-08-27] (Symantec Corporation)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2008-04-14] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2008-04-14] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2008-04-14] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2008-04-14] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2008-04-14] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2008-04-14] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2008-04-14] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2008-04-14] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2008-04-14] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2008-04-14] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2008-04-14] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2008-04-14] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2008-04-14] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2008-04-14] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2008-04-14] (Intel(R) Corporation)
S3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20120825.001\IDSxpx86.sys [373216 2012-08-24] (Symantec Corporation)
S3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVENG.SYS [92704 2012-08-27] (Symantec Corporation)
S3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVEX15.SYS [1601184 2012-08-27] (Symantec Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-14] (Microsoft Corporation)
S3 SRTSP; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS [325680 2010-04-22] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS [43696 2010-04-22] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMDS.SYS [328752 2010-02-04] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMEFA.SYS [173176 2011-08-22] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-01-25] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
R1 SYMTDI; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS [362360 2011-08-22] (Symantec Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-10 08:00 - 2014-08-10 08:01 - 00019549 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 08:00 - 2014-08-10 08:00 - 00000000 ____D () C:\FRST
2014-08-10 07:59 - 2014-08-10 07:59 - 01084928 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 07:56 - 2014-08-10 07:57 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 06:17 - 2014-08-10 06:17 - 00000865 _____ () C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
2014-08-10 06:13 - 2014-08-10 06:17 - 00000000 ____D () C:\Program Files\SmartTweak
2014-08-10 05:44 - 2014-08-10 05:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RegClean
2014-08-10 05:08 - 2014-08-10 06:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
2014-08-10 05:08 - 2014-08-10 05:44 - 00003824 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00002120 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001634 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001488 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001380 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00001322 _____ () C:\WINDOWS\Tasks\554c9551-b337-43c8-ab01-4f36dcfd520a.job
2014-08-10 05:08 - 2014-08-10 05:44 - 00000944 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-10 05:08 - 2014-08-10 05:13 - 00000948 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\Internet Speed Checker
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\globalUpdate
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
2014-08-10 05:02 - 2014-08-10 05:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\SoftwareUpdater
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\LPT
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 04:58 - 2014-08-10 04:58 - 00637192 _____ (Free Driver Scout) C:\Documents and Settings\Administrator\Desktop\free-driver-scout.exe
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:14 - 2012-05-24 05:50 - 00956160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ativvamv.dll
2014-08-10 02:14 - 2012-05-24 04:44 - 00205720 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-08-10 02:14 - 2012-05-24 04:42 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-08-10 02:14 - 2011-08-08 22:58 - 00100368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdXP3.sys
2014-08-10 01:19 - 2014-08-10 06:17 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:19 - 2014-08-09 21:26 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 14:09 - 2014-08-10 05:45 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-08-02 13:59 - 2014-08-02 14:00 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES
2014-08-02 11:56 - 2014-08-02 12:51 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe
2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog
2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool
2014-08-02 07:53 - 2014-08-02 08:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi
2014-08-02 07:52 - 2014-08-02 07:56 - 00000000 ____D () C:\Program Files\Luffi
2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage
2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help
2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search
2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard
2014-08-01 15:53 - 2014-08-01 16:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-01 10:30 - 2014-08-10 05:44 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-01 10:30 - 2014-08-08 15:31 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-10 08:01 - 2014-08-10 08:00 - 00019549 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 08:01 - 2010-08-26 18:32 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job
2014-08-10 08:01 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-08-10 08:00 - 2014-08-10 08:00 - 00000000 ____D () C:\FRST
2014-08-10 07:59 - 2014-08-10 07:59 - 01084928 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 07:57 - 2014-08-10 07:56 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:56 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-10 07:53 - 2012-06-25 13:27 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 07:49 - 2011-12-15 12:42 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 07:34 - 2009-04-06 16:00 - 01695766 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-10 06:20 - 2014-08-10 05:08 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
2014-08-10 06:17 - 2014-08-10 06:17 - 00000865 _____ () C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
2014-08-10 06:17 - 2014-08-10 06:13 - 00000000 ____D () C:\Program Files\SmartTweak
2014-08-10 06:17 - 2014-08-10 01:19 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
2014-08-10 05:48 - 2009-04-06 15:51 - 00555864 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-10 05:45 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-10 05:44 - 2014-08-10 05:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RegClean
2014-08-10 05:44 - 2014-08-10 05:08 - 00003824 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00002120 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001634 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001488 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001380 _____ () C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00001322 _____ () C:\WINDOWS\Tasks\554c9551-b337-43c8-ab01-4f36dcfd520a.job
2014-08-10 05:44 - 2014-08-10 05:08 - 00000944 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-10 05:44 - 2014-08-01 10:30 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-10 05:44 - 2012-06-25 13:08 - 00118784 _____ (SoftThinks) C:\WINDOWS\system32\chg.exe
2014-08-10 05:44 - 2011-12-15 12:42 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 05:44 - 2009-10-30 12:12 - 00000000 ____D () C:\WINDOWS\SMINST
2014-08-10 05:44 - 2009-10-24 06:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-10 05:44 - 2009-10-24 06:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-10 05:44 - 2009-10-24 06:53 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-08-10 05:44 - 2009-04-06 16:00 - 00855797 _____ () C:\WINDOWS\setupapi.log
2014-08-10 05:43 - 2009-05-20 13:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-10 05:42 - 2009-10-24 06:52 - 00032462 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-10 05:42 - 2009-10-23 13:33 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-08-10 05:42 - 2009-05-20 13:40 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-10 05:31 - 2010-10-10 22:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\07_IT
2014-08-10 05:13 - 2014-08-10 05:08 - 00000948 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-08-10 05:09 - 2014-08-10 05:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\Internet Speed Checker
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Program Files\globalUpdate
2014-08-10 05:08 - 2014-08-10 05:08 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\SoftwareUpdater
2014-08-10 05:02 - 2014-08-10 05:02 - 00000000 ____D () C:\Program Files\LPT
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 04:58 - 2014-08-10 04:58 - 00637192 _____ (Free Driver Scout) C:\Documents and Settings\Administrator\Desktop\free-driver-scout.exe
2014-08-10 04:50 - 2009-10-24 06:55 - 00000000 ____D () C:\WINDOWS\Help
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:16 - 2009-10-23 23:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:15 - 2009-10-24 06:59 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:10 - 2009-10-23 13:29 - 00000000 ____D () C:\AMD
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:26 - 2014-08-09 21:19 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:59 - 2010-03-21 13:35 - 00000178 ___SH () C:\Documents and Settings\user1.DEBRECEN\ntuser.ini
2014-08-09 11:59 - 2010-03-21 13:35 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-09 11:50 - 2010-10-09 01:28 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT
2014-08-09 01:34 - 2011-12-30 13:05 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Application Data\Google
2014-08-09 01:32 - 2009-10-24 01:06 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-08-08 16:24 - 2009-10-30 13:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 15:31 - 2014-08-01 10:30 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08
14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk 2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive 2014-08-08 14:07 - 2009-10-30 13:24 - 00000000 ____D () C:\Program Files\Google 2014-08-06 00:48 - 2009-10-23 22:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PDFC 2014-08-03 20:09 - 2011-02-21 01:50 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\01_Analysis 2014-08-02 14:02 - 2011-04-10 00:41 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Job 2014-08-02 14:02 - 2010-03-21 23:06 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\Jobsearch 2014-08-02 14:00 - 2014-08-02 13:59 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES 2014-08-02 12:51 - 2014-08-02 11:56 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe 2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog 2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool 2014-08-02 08:11 - 2014-08-02 07:53 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi 2014-08-02 07:56 - 2014-08-02 07:52 - 00000000 ____D () C:\Program Files\Luffi 2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro 2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage 2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage 2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace 2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help 2014-08-01 21:45 - 
2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help 2014-08-01 17:50 - 2009-10-24 06:53 - 00004288 _____ () C:\WINDOWS\wmsetup.log 2014-08-01 17:50 - 2009-10-24 06:52 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk 2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search 2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard 2014-08-01 16:12 - 2014-08-01 15:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP 2014-08-01 16:12 - 2009-10-23 22:03 - 00000000 ____D () C:\Program Files\Hewlett-Packard 2014-08-01 15:53 - 2009-10-23 22:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP Cool Tools 2014-08-01 15:17 - 2011-12-15 12:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Google 2014-08-01 12:19 - 2010-09-07 00:33 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\00_Admin 2014-08-01 10:31 - 2011-12-15 12:41 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk 2014-08-01 08:44 - 2010-09-19 14:24 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\02_Trading 2014-07-11 21:06 - 2014-03-31 01:20 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\IBM 2014-07-11 21:02 - 2013-09-06 11:56 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-07-11 21:00 - 2009-10-24 01:51 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-07-11 21:00 - 2009-10-24 01:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help 2014-07-11 20:53 
- 2012-06-25 13:27 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-11 20:53 - 2012-06-25 13:27 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\6_Offer_11.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\AtiCimUn.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\DownloadManager.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\FixMyRegistry.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nsb47.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nsl2E.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nsp2A.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\SearchProtectINT.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\SpeedUpMyComputer.exe
C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp\vqhk35cq.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Addition
Additional scan result of Farbar Recovery Scan Tool (x86) Version:9-08-2014 01
Ran by Administrator at 2014-08-10 08:01:22
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO Codecs (Version: 10.0.0.40103 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6D02AB7E-3B50-C6FE-F1CF-66F763D64E30}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Avery Wizard 5.0 (HKLM\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
BadCopy Pro (HKLM\...\BadCopy Pro) (Version: - )
Broadcom Management Programs (HKLM\...\{C3CB6145-2F42-4C1C-B938-E254C8B5F48B}) (Version: 11.75.09 - Broadcom Corporation)
Canon CanoScan Toolbox 4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version: - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.)
Hidden Catalyst Control Center InstallProxy (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden Catalyst Pro Control Center (Version: 2012.0523.2258.39384 - Ihr Firmenname) Hidden CCC Help Chinese Standard (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help German (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Swedish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden ColorNavigator (HKLM\...\{D5312328-0583-4E88-95EF-DE92A01797C2}) (Version: 5.2.3 - EIZO NANAO CORPORATION) CutePDF (Evaluation) (HKLM\...\CutePDF (Evaluation)) (Version: - ) CutePDF Writer 2.3 (HKLM\...\CutePDF Writer Installation) (Version: - ) dvdisaster-0.72.3 (HKLM\...\dvdisaster_is1) (Version: - dvdisaster project) EIZO EasyPIX Software (HKLM\...\{E9DF3B08-7541-42E3-AF57-BBF039D1DEE4}) (Version: 1.0.6 - EIZO NANAO CORPORATION) EIZO ScreenSlicer (HKLM\...\{292A177D-723F-4537-9985-BC8BFCD8B63D}) (Version: 1.0.1.1 - EIZO NANAO CORPORATION) FireGL driver for 3D Studio MAX/VIZ (HKLM\...\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}) (Version: 6.14.10.5015 - ) FixMyRegistry (HKLM\...\FixMyRegistry) (Version: 38.1 - SmartTweak Software) <==== ATTENTION Google Drive (HKLM\...\{BF55F7D7-7791-41DD-91D7-8EA595CE548C}) (Version: 1.17.7224.1867 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden HP Backup and Recovery Manager (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 2.5C - Hewlett-Packard Company) HP Help and Support (HKLM\...\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}) (Version: 4.4.0002 - HPQ) HP Performance Advisor (HKLM\...\{8E3138D3-686D-4F77-A807-CFF5CAEC98D7}) (Version: 1.7.6530 - Hewlett-Packard Company) HP Performance Tuning Framework (HKLM\...\{03BFDA4C-5233-4EB6-8BD7-8D0AE3044757}) (Version: 2.28.3117 - Hewlett-Packard) HydraVision (Version: 4.2.218.0 - Advanced Micro Devices, Inc.) 
Hidden Internet Speed Checker (HKLM\...\Internet Speed Checker) (Version: 1.34.7.29 - Speedchecker) IsoBuster 3.2 (HKLM\...\IsoBuster_is1) (Version: 3.2 - Smart Projects) Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.) LPT System Updater Service (HKLM\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION Luffi - Let's use freeware! Fun included ;) (v. 2.3.238) (HKLM\...\Luffi) (Version: 1.0.238.0 - Das Luffi Team) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) 
Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Software Update for Web Folders (German) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft VM for Java (HKLM\...\MsJavaVM) (Version: - ) Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version: - ) Norton 360 (HKLM\...\N360) (Version: 4.4.0.12 - Symantec Corporation) PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.85 - PDF Complete, Inc.) Skins (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden TomTom HOME (HKLM\...\TomTom HOME) (Version: 2.3.1.92 - TomTom) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) 
UniColor Pro (HKLM\...\{07D4FAFC-5D2C-49B0-9A9C-5726E5559381}) (Version: 1.3.0 - EIZO) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft) Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation) Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation) Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation) 
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation) Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation) Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Driver Package - ColorVision Inc (Spyder) USB (08/07/2006 1.0.0.2) (HKLM\...\3F4E49464F141105CA373E77D00E57404393778F) (Version: 08/07/2006 1.0.0.2 - ColorVision Inc) Windows Driver Package - 
Datacolor (Spyder3) USB (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor) Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\A106663FD3361BDFACB045D83EBA03858EB1E411) (Version: 03/13/2008 2.04.06 - FTDI) Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\F2F24872454C7CAEAABD8BB063F70FBEFF01989D) (Version: 03/13/2008 2.04.06 - FTDI) Windows Driver Package - X-Rite (colormunki) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\975DA77B1E3D07FC79378569A82F13404D027518) (Version: 08/21/2006 2.40.0.1315 - X-Rite) Windows Driver Package - X-Rite (i1) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\4BCA7532847C66A175AD419E8ED0CB00EA9F9A4A) (Version: 08/21/2006 2.40.0.1315 - X-Rite) Windows Driver Package - X-Rite (i1) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\4E0F9F38E610D91FA71E1E43F274568B68C54028) (Version: 08/21/2006 2.40.0.1315 - X-Rite) Windows Driver Package - X-Rite (i1display) XRiteDevices (08/21/2006 2.0.0.0) (HKLM\...\BE6334FA182AB4DD51AECFD703C81D6B65B2BBF3) (Version: 08/21/2006 2.0.0.0 - X-Rite) Windows Driver Package - X-Rite (X-Rite) USB (01/10/2007 3.1.0.0) (HKLM\...\79EC760EF05657EC2806CC712767C4C3FCE76693) (Version: 01/10/2007 3.1.0.0 - X-Rite) Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. 
Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-965756728-169831054-4282204201-500_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)

==================== Restore Points =========================

29-05-2014 21:20:42 System Checkpoint
29-05-2014 22:11:42 Software Distribution Service 3.0
11-06-2014 20:07:54 Software Distribution Service 3.0
11-07-2014 19:00:16 Software Distribution Service 3.0
01-08-2014 04:48:51 System Checkpoint
01-08-2014 13:53:01 Removed HP Performance Tuning Framework
01-08-2014 13:53:07 Installed HP Performance Tuning Framework
01-08-2014 14:12:14 Installed HP Performance Advisor
03-08-2014 18:56:49 System Checkpoint
05-08-2014 23:13:13 System Checkpoint
07-08-2014 17:34:59 System Checkpoint
08-08-2014 18:09:39 System Checkpoint
09-08-2014 21:12:29 System Checkpoint
10-08-2014 00:15:15 Removed ATI Catalyst Control Center
10-08-2014 03:02:34 Free Driver Scout
10-08-2014 03:05:38 Free Driver Scout
10-08-2014 03:39:40 Removed Shopop
10-08-2014 04:16:13 Removed Microsoft Silverlight

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-10-24 06:53 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\554c9551-b337-43c8-ab01-4f36dcfd520a.job => C:\Program Files\Internet Speed Checker\554c9551-b337-43c8-ab01-4f36dcfd520a.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1.job => C:\Program Files\Internet Speed Checker\Internet Speed Checker-codedownloader.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4.exe
Task: C:\WINDOWS\Tasks\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.job => C:\Program Files\Internet Speed Checker\6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2011-04-09 21:23 - 2004-12-14 09:54 - 00081920 _____ () C:\WINDOWS\system32\cpwmon2k.dll
2014-07-21 18:49 - 2014-07-21 18:49 - 00032776 _____ () C:\Program Files\LPT\srpts.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00043016 _____ () C:\Program Files\LPT\srptc.dll
2014-07-21 18:48 - 2014-07-21 18:57 - 00018952 _____ () C:\Program Files\LPT\Smartbar.Common.dll
2014-05-08 13:21 - 2014-05-08 13:21 - 00301056 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU
2009-06-02 14:59 - 2009-06-02 14:59 - 00142336 _____ () C:\Program Files\EIZO\ColorNavigator\CNHid.dll
2009-04-23 10:41 - 2009-04-23 10:41 - 00055808 _____ () C:\Program Files\EIZO\ColorNavigator\CNVideo.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00046080 _____ () C:\Program Files\EIZO\ColorNavigator\HidUsage.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00006656 _____ () C:\Program Files\EIZO\ColorNavigator\DisplayAreaSetting.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00055296 _____ () C:\Program Files\EIZO\ColorNavigator\CMYKValidation.dll
2009-05-07 11:32 - 2009-05-07 11:32 - 00082944 _____ () C:\Program Files\EIZO\ColorNavigator\ColorProfile.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00165376 _____ () C:\Program Files\EIZO\ColorNavigator\libcolour.dll
2009-10-30 12:12 - 2006-07-10 11:53 - 00872448 _____ () C:\WINDOWS\SMINST\Scheduler.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00034824 _____ () C:\Program Files\LPT\srptsl.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00069128 _____ () C:\Program Files\LPT\srut.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00023048 _____ () C:\Program Files\LPT\srptm.exe
2014-07-21 18:49 - 2014-07-21 18:59 - 00081928 _____ () C:\Program Files\LPT\srpt.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00067080 _____ () C:\Program Files\LPT\sppsm.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00158216 _____ () C:\Program Files\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00027144 _____ () C:\Program Files\LPT\Smartbar.Personalization.Common.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00165896 _____ () C:\Program Files\LPT\Smartbar.Infrastructure.Utilities.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00046088 _____ () C:\Program Files\LPT\srbu.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00025096 _____ () C:\Program Files\LPT\srpdm.dll
2014-07-21 18:47 - 2014-07-21 18:57 - 00026632 _____ () C:\Program Files\LPT\ProxySettings.dll
2014-07-21 18:48 - 2014-07-21 18:59 - 00044040 _____ () C:\Program Files\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-07-21 18:47 - 2014-07-21 18:57 - 00052744 _____ () C:\Program Files\LPT\Proxy.Lib.dll
2014-07-21 18:49 - 2014-07-21 18:59 - 00027656 _____ () C:\Program Files\LPT\sreu.dll
2008-04-14 14:42 - 2013-01-02 08:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2008-04-14 14:41 - 2008-04-14 14:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 14:42 - 2008-04-14 14:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2010-03-16 12:22 - 2010-03-16 12:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2012-05-23 22:57 - 2012-05-23 22:57 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2008-07-16 10:14 - 2008-07-16 10:14 - 00163840 ____R () C:\Program Files\EIZO\EIZO EasyPIX\libcolour.dll
2008-09-05 10:08 - 2008-09-05 10:08 - 00282624 _____ () C:\Program Files\EIZO\EIZO EasyPIX\IccProfLib.dll
2014-08-10 05:44 - 2014-08-10 05:44 - 00098816 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32api.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00110080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pywintypes27.dll
2014-08-10 05:44 - 2014-08-10 05:44 - 00364544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pythoncom27.dll
2014-08-10 05:44 - 2014-08-10 05:44 - 00045568 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_socket.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 01160704 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_ssl.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00320512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32com.shell.shell.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00713216 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_hashlib.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 01175040 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._core_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00805888 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._gdi_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00811008 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._windows_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 01062400 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._controls_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00735232 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._misc_.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00128512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_elementtree.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00127488 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pyexpat.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00557056 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\pysqlite2._sqlite.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00007168 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\hashobjs_ext.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00087552 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_ctypes.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00119808 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32file.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00108544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32security.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00018432 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32event.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00038912 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32inet.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00070656 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._html2.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00167936 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32gui.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00011264 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32crypt.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00027136 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\_multiprocessing.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00686080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\unicodedata.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00122368 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._wizard.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00010240 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\select.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00024064 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32pipe.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00025600 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32pdh.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00525640 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\windows._lib_cacheinvalidation.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00035840 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32process.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00017408 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32profile.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00022528 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\win32ts.pyd
2014-08-10 05:44 - 2014-08-10 05:44 - 00078336 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI34762\wx._animate.pyd
2014-08-10 05:08 - 2014-08-10 05:08 - 00392560 _____ () c:\program files\internet speed checker\Internet Speed Checker-buttonutil.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\exiftool.exe:SummaryInformation
AlternateDataStreams: C:\WINDOWS\exiftool.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2014 05:08:08 AM) (Source: MsiInstaller) (EventID: 11309) (User: DEBRECEN)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

Error: (08/10/2014 05:02:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application PCSUQuickScan.exe, version 0.0.0.0, faulting module PCSUQuickScan.exe, version 0.0.0.0, fault address 0x00006ee0. Processing media-specific event for [PCSUQuickScan.exe!ws!]

Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2014 00:32:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 00:32:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/09/2014 10:32:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f. Processing media-specific event for [iexplore.exe!ws!]

Error: (08/09/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f. Processing media-specific event for [iexplore.exe!ws!]

System errors:
=============
Error: (08/10/2014 05:44:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/10/2014 05:10:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/10/2014 02:22:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/10/2014 00:36:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/09/2014 08:24:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/09/2014 08:57:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/09/2014 01:34:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/08/2014 01:54:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/07/2014 06:38:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: i8042prt

Error: (08/06/2014 05:14:15 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\iaStor0

Microsoft Office Sessions:
=========================
Error: (02/11/2012 02:53:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1028 seconds with 1020 seconds of active time. This session ended with a crash.

Error: (01/22/2011 10:16:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30333 seconds with 1080 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 3567.21 MB
Available physical RAM: 2620.71 MB
Total Pagefile: 5448.47 MB
Available Pagefile: 4232.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:453.3 GB) (Free:395.17 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive j: (HP_RECOVERY) (Fixed) (Total:12.46 GB) (Free:2.63 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3B2B3B2B)
Partition 1: (Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-10 10:02:42
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Intel___ rev.1.0. 465.76GB
Running: Gmer-19357.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwlyapob.sys

---- System - GMER 2.1 ----

SSDT 89829050 ZwAlertResumeThread
SSDT 8985E050 ZwAlertThread
SSDT 89748390 ZwAllocateVirtualMemory
SSDT 89857050 ZwAssignProcessToJobObject
SSDT 899B4128 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwCreateKey [0xAD070210]
SSDT 89755008 ZwCreateMutant
SSDT 898F9F38 ZwCreateSymbolicLinkObject
SSDT 897E8C38 ZwCreateThread
SSDT 89794050 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwDeleteKey [0xAD070490]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwDeleteValueKey [0xAD0709F0]
SSDT 897695B8 ZwDuplicateObject
SSDT 8974C1B0 ZwFreeVirtualMemory
SSDT 89844050 ZwImpersonateAnonymousToken
SSDT 897FF050 ZwImpersonateThread
SSDT 8999A518 ZwLoadDriver
SSDT 897EDF00 ZwMapViewOfSection
SSDT 8977C050 ZwOpenEvent
SSDT 89747100 ZwOpenProcess
SSDT 8975E110 ZwOpenProcessToken
SSDT 89852050 ZwOpenSection
SSDT 89755310 ZwOpenThread
SSDT 8979AD60 ZwProtectVirtualMemory
SSDT 8988A050 ZwResumeThread
SSDT 89854050 ZwSetContextThread
SSDT 897B9F38 ZwSetInformationProcess
SSDT 89865050 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwSetValueKey [0xAD070C40]
SSDT 89874050 ZwSuspendProcess
SSDT 898E7790 ZwSuspendThread
SSDT 8A7DA4F8 ZwTerminateProcess
SSDT 89789050 ZwTerminateThread
SSDT 89769DB0 ZwUnmapViewOfSection
SSDT 8A824E88 ZwWriteVirtualMemory

---- Kernel code sections - GMER 2.1 ----

? SYMDS.SYS The system cannot find the file specified. !
? SYMEFA.SYS The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB946D000, 0x2BCEC4, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[2172] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetSysColor 7E418E78 5 Bytes JMP 004170D0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetSysColorBrush 7E418EAB 5 Bytes JMP 00417140 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!SetScrollInfo 7E419056 7 Bytes JMP 00416FC0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetScrollInfo 7E42DFE2 7 Bytes JMP 00416F10 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!ShowScrollBar 7E42F2F2 5 Bytes JMP 00417090 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetScrollPos 7E42F704 5 Bytes JMP 00416F50 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!SetScrollPos 7E42F750 5 Bytes JMP 00417000 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!GetScrollRange 7E42F787 5 Bytes JMP 00416F80 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!SetScrollRange 7E42F99B 5 Bytes JMP 00417040 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[2380] USER32.dll!EnableScrollBar 7E468005 7 Bytes JMP 00416ED0 C:\WINDOWS\SMINST\Scheduler.exe

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----