Hallo Mathias, ich habe die 3 Schritte ausgführt, hier die Log Dateien:
Bemerkung:
- AdwCleaner: 3 Log-Dateien, mit Nummerierung R0, R1 und S0
- MBAM: ich musste 2 mal neu anfangen, deshalb 3 MBAM Log-Dateien
AdwCleaner Nr. R0
Zitat Code:
# AdwCleaner v3.304 - Report created 10/08/2014 at 18:03:44
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DEBRECEN
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
# Option : Scan
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : LPTSystemUpdater
***** [ Files / Folders ] *****
File Found : C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
Folder Found : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\focusbase
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
Folder Found : C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
Folder Found : C:\Documents and Settings\All Users\Application Data\RegClean
Folder Found : C:\Documents and Settings\user1.DEBRECEN\Application Data\Uniblue
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Internet Speed Checker
Folder Found : C:\Program Files\LPT
Folder Found : C:\Program Files\SmartTweak
Folder Found : C:\Program Files\SoftwareUpdater
***** [ Scheduled Tasks ] *****
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : 554c9551-b337-43c8-ab01-4f36dcfd520a
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Internet Speed Checker
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171152}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smarttweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\Software\GlobalUpdate
Key Found : HKLM\Software\InstalledBrowserExtensions
Key Found : HKLM\Software\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found :
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\Software\Uniblue
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RegistryBooster]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] -
hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=55&CUI=&
UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&SSPV=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] -
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw
pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] -
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw
pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] -
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw
pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] -
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw
pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] -
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgw
pcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
*************************
AdwCleaner[R0].txt - [12076 octets] - [10/08/2014 18:03:44]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12137 octets] ##########
AdwCleaner Nr. R1
Zitat Code:
# AdwCleaner v3.304 - Report created 10/08/2014 at 18:05:04
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DEBRECEN
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
# Option : Scan
***** [ Services ] *****
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : LPTSystemUpdater
***** [ Files / Folders ] *****
File Found : C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
Folder Found : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\focusbase
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
Folder Found : C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
Folder Found : C:\Documents and Settings\All Users\Application Data\RegClean
Folder Found : C:\Documents and Settings\user1.DEBRECEN\Application Data\Uniblue
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Internet Speed Checker
Folder Found : C:\Program Files\LPT
Folder Found : C:\Program Files\SmartTweak
Folder Found : C:\Program Files\SoftwareUpdater
***** [ Scheduled Tasks ] *****
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : 554c9551-b337-43c8-ab01-4f36dcfd520a
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4
Task Found : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Internet Speed Checker
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171152}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smarttweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\Software\GlobalUpdate
Key Found : HKLM\Software\InstalledBrowserExtensions
Key Found : HKLM\Software\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Speed Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611171152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\Software\Uniblue
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RegistryBooster]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M6BEDEE3C-740E-4CD8-A4E2-2C05120885E4&SearchSource=55&CUI=&UM=6&UP=SP0FA9283F-FC7D-41B0-A746-103D378C5529&SSPV=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fOykecGIjWN3egdV9YJOH6mcFiJX_KCumrNyq66ECJeEcgwpcgf5cK9RVodNcgOkQw-YYdJuWfieWVdkLXCOn3zwuLBdFNCnWo0nUD_OIBEq1uhMldvMnQ59RCA-vbK_rB9wjecLfYtPhg,,&q={searchTerms}
*************************
AdwCleaner[R0].txt - [12218 octets] - [10/08/2014 18:03:44]
AdwCleaner[R1].txt - [12137 octets] - [10/08/2014 18:05:04]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [12198 octets] ##########
AdwCleaner Nr. S0
Zitat Code:
# AdwCleaner v3.304 - Report created 10/08/2014 at 18:05:27
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DEBRECEN
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : LPTSystemUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\RegClean
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\LPT
Folder Deleted : C:\Program Files\SmartTweak
Folder Deleted : C:\Program Files\SoftwareUpdater
Folder Deleted : C:\Program Files\Internet Speed Checker
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\globalUpdate
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Internet Speed Checker
Folder Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\focusbase
Folder Deleted : C:\Documents and Settings\Administrator\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Documents and Settings\user1.DEBRECEN\Application Data\Uniblue
File Deleted : C:\Documents and Settings\Administrator\Desktop\FixMyRegistry.lnk
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 554c9551-b337-43c8-ab01-4f36dcfd520a
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-1
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-11
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-2
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-4
Task Deleted : 6909362e-abd2-4ce6-b4b9-a74fe9ce80d3-5
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RegistryBooster]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061752.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Internet Speed Checker
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\InstalledBrowserExtensions
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FixMyRegistry
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Speed Checker
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
*************************
AdwCleaner[R0].txt - [12218 octets] - [10/08/2014 18:03:44]
AdwCleaner[R1].txt - [12279 octets] - [10/08/2014 18:05:04]
AdwCleaner[S0].txt - [11070 octets] - [10/08/2014 18:05:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11131 octets] ##########
MBAM Nr1
Zitat Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 10.08.2014 18:35:59, SYSTEM, DEBRECEN, Protection, Malware Protection, Starting,
Protection, 10.08.2014 18:35:59, SYSTEM, DEBRECEN, Protection, Malware Protection, Started,
Protection, 10.08.2014 18:35:59, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 18:36:01, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started,
Update, 10.08.2014 18:36:02, SYSTEM, DEBRECEN, Manual, Rootkit Database, 2014.2.20.1, 2014.8.4.1,
Update, 10.08.2014 18:36:15, SYSTEM, DEBRECEN, Manual, Malware Database, 2014.3.4.9, 2014.8.10.4,
Protection, 10.08.2014 18:36:16, SYSTEM, DEBRECEN, Protection, Refresh, Starting,
Protection, 10.08.2014 18:36:16, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping,
Protection, 10.08.2014 18:36:16, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped,
Protection, 10.08.2014 18:36:23, SYSTEM, DEBRECEN, Protection, Refresh, Success,
Protection, 10.08.2014 18:36:24, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 18:36:26, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started,
Protection, 10.08.2014 18:58:39, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping,
Protection, 10.08.2014 18:58:39, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped,
Protection, 10.08.2014 18:58:39, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 18:58:43, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started,
Protection, 10.08.2014 19:01:07, SYSTEM, DEBRECEN, Protection, Malware Protection, Starting,
Protection, 10.08.2014 19:01:07, SYSTEM, DEBRECEN, Protection, Malware Protection, Started,
Protection, 10.08.2014 19:01:07, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 19:01:13, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started,
Protection, 10.08.2014 19:05:02, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping,
Protection, 10.08.2014 19:05:03, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped,
Protection, 10.08.2014 19:05:03, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 19:05:07, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started,
Protection, 10.08.2014 19:23:10, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopping,
Protection, 10.08.2014 19:23:10, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Stopped,
Protection, 10.08.2014 19:23:10, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 19:23:15, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started,
Protection, 10.08.2014 19:25:25, SYSTEM, DEBRECEN, Protection, Malware Protection, Starting,
Protection, 10.08.2014 19:25:26, SYSTEM, DEBRECEN, Protection, Malware Protection, Started,
Protection, 10.08.2014 19:25:26, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 19:25:54, SYSTEM, DEBRECEN, Protection, Malicious Website Protection, Started,
(end)
MBAM Nr. 2
Zitat Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 10.08.2014
Suchlauf-Zeit: 19:06:13
Logdatei: anti-maleware nr.2_19-06-13.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.10.04
Rootkit Datenbank: v2014.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Administrator
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 434075
Verstrichene Zeit: 14 Min, 50 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 1
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 1
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
Dateien: 17
PUP.Optional.SmartBar, C:\WINDOWS\Installer\MSI4C.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [9dfbd1f1b0cb4ee8cb72b17dd92748b8],
PUP.Optional.SmartBar, C:\WINDOWS\Installer\MSI5A.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [4b4d5c66f388c76f98a5111d21dfe917],
PUP.Optional.SmartBar, C:\WINDOWS\Installer\MSI75.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [8d0b15adec8f8caaeb52d35b43bda060],
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5AV4AY66\spstub[1].exe, In Quarantäne, [dcbc39892f4cff371738bdd4e71a29d7],
PUP.Optional.SearchProtect.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NWIUQ7OU\SPSetup[1].exe, In Quarantäne, [e7b1774bd9a22a0ca06b77201de4e41c],
PUP.Optional.SearchProtect.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\QCOSKRK9\SearchProtectGeneric2[1].exe, In Quarantäne, [b6e2d4ee1962d06623cebd7e629ed12f],
PUP.Optional.FocusBase.A, C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\X4FYPJDL\focusbaseSetup[1].exe, In Quarantäne, [267209b9f5864ee8e770cee829db03fd],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleCrashHandler.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdate.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdateBroker.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdateHelper.msi, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\GoogleUpdateOnDemand.exe, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\goopdate.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\goopdateres_en.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\npGoogleUpdate4.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\psmachine.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
PUP.Optional.GlobalUpdate.A, C:\Documents and Settings\Administrator\Local Settings\Temp\comh.154443\psuser.dll, In Quarantäne, [0f89378b82f988ae4c28814ccb3715eb],
Physische Sektoren: 0
(No malicious items detected)
(end)
MBAM Nr. 3
Zitat Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 10.08.2014
Suchlauf-Zeit: 18:39:22
Logdatei: anti-maleware nr.3_19-39-22.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.10.04
Rootkit Datenbank: v2014.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Administrator
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgebrochen
Durchsuchte Objekte: 35931
Verstrichene Zeit: 15 Min, 30 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 7
PUP.Optional.OutBrowse, C:\Documents and Settings\Administrator\Desktop\free-driver-scout.exe, In Quarantäne, [b23a6460c4b7d66013091d0109f743bd],
PUP.Optional.OutBrowse, C:\Documents and Settings\Administrator\Local Settings\Temp\DownloadManager.exe, In Quarantäne, [c12ba51f770482b4b5676cb2748ccc34],
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsb47.exe, In Quarantäne, [0ae2497b1665e254d90b216b6998b24e],
PUP.Optional.SearchProtect.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsk24.tmp, In Quarantäne, [09e3dce8364514225fac5047ba47649c],
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsl2E.exe, In Quarantäne, [8f5df9cb710a51e508dc632923deea16],
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\nsp2A.exe, In Quarantäne, [628af1d34f2cea4cb52f74189e6317e9],
PUP.Optional.Conduit.A, C:\Documents and Settings\Administrator\Local Settings\Temp\SearchProtectINT.exe, In Quarantäne, [df0d368efd7ea3937bb135f27b86e818],
Physische Sektoren: 0
(No malicious items detected)
(end)
FRST
Zitat
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-08-2014 01
Ran by Administrator (administrator) on DEBRECEN on 10-08-2014 20:02:58
Running from C:\Documents and Settings\Administrator\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ColorNavigator\ColorNavigatorAgent.exe
() C:\WINDOWS\SMINST\Scheduler.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\UniColor Pro\ucpro.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(TomTom) C:\Program Files\TomTom HOME 2\HOMERunner.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe
(EIZO NANAO CORPORATION) C:\Program Files\EIZO\ScreenSlicer\ESCSlicer.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UnoColor Pro] => C:\Program Files\EIZO\UniColor Pro\ucpro.exe [2712872 2009-04-10] (EIZO NANAO CORPORATION)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\HOMERunner.exe [202088 2008-05-06] (TomTom)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734312 2014-07-30] (Google)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [UpdateMyDrivers] => C:\Program Files\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-12-15] (Google Inc.)
HKU\S-1-5-21-965756728-169831054-4282204201-500\...\MountPoints2: {2f3e41f9-a9a0-11df-87ef-002481ed8efc} - L:\InstallTomTomHOME.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO EasyPIX.lnk
ShortcutTarget: EIZO EasyPIX.lnk -> C:\Program Files\EIZO\EIZO EasyPIX\EasyPIX.exe (EIZO NANAO CORPORATION)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EIZO ScreenSlicer.lnk
ShortcutTarget: EIZO ScreenSlicer.lnk -> C:\WINDOWS\Installer\{292A177D-723F-4537-9985-BC8BFCD8B63D}\ESCSlicer.exe1_87A06423E78E426E924121140A36B659.exe (Macrovision Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\4.4.0.12\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ch&c=91&bd=all&pf=cmws
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\4.4.0.12\IPSBHO.DLL (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256340086406
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-24]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn
FF Extension: Norton IPS - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn [2011-01-25]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn_2010_9_0_6 [2014-08-10]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [114688 2008-09-24] (Broadcom Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-10-23] (Sun Microsystems, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [364544 2006-06-13] (SoftThinks) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [623640 2009-02-06] (PDF Complete Inc)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-09] (Adaptec, Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [100368 2011-08-08] (Advanced Micro Devices)
R2 BASFND; C:\Program Files\Broadcom\MgmtAgent\BASFND.sys [10480 2008-12-04] (Broadcom Corporation) [File not signed]
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20120823.005\BHDrvx86.sys [995488 2012-08-23] (Symantec Corporation)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [89600 2008-10-29] (Broadcom Corporation) [File not signed]
R1 ccHP; C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-08-27] (Symantec Corporation)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2008-04-14] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2008-04-14] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2008-04-14] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2008-04-14] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2008-04-14] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2008-04-14] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2008-04-14] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2008-04-14] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2008-04-14] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2008-04-14] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2008-04-14] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2008-04-14] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2008-04-14] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2008-04-14] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2008-04-14] (Intel(R) Corporation)
S3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20120825.001\IDSxpx86.sys [373216 2012-08-24] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-10] (Malwarebytes Corporation)
S3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVENG.SYS [92704 2012-08-27] (Symantec Corporation)
S3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20120828.002\NAVEX15.SYS [1601184 2012-08-27] (Symantec Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [42752 2008-04-14] (Microsoft Corporation)
S3 SRTSP; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS [325680 2010-04-22] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS [43696 2010-04-22] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMDS.SYS [328752 2010-02-04] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\N360\0404000.00C\SYMEFA.SYS [173176 2011-08-22] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2011-01-25] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
R1 SYMTDI; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS [362360 2011-08-22] (Symantec Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-10 20:02 - 2014-08-10 20:02 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\FRST-OlderVersion
2014-08-10 19:44 - 2014-08-10 19:44 - 00001211 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.2_19-04-38.txt
2014-08-10 19:42 - 2014-08-10 19:42 - 00002218 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.4_19-39-22.txt
2014-08-10 19:40 - 2014-08-10 19:40 - 00004415 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.3_19-06-13.txt
2014-08-10 19:38 - 2014-08-10 19:38 - 00003293 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.1_19-35-59.txt
2014-08-10 18:55 - 2014-08-10 18:55 - 00002118 _____ () C:\Documents and Settings\Administrator\Desktop\malwar protololl 1.txt
2014-08-10 18:35 - 2014-08-10 19:26 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-10 18:35 - 2014-08-10 18:35 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-10 18:35 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-10 18:35 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-10 18:31 - 2014-08-10 18:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-10 18:12 - 2014-08-10 18:12 - 00012218 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R0].txt
2014-08-10 18:10 - 2014-08-10 18:10 - 00012279 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R1].txt
2014-08-10 18:09 - 2014-08-10 18:09 - 00011212 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[S0].txt
2014-08-10 18:08 - 2014-08-10 19:25 - 00118784 _____ (SoftThinks) C:\WINDOWS\system32\chg.exe
2014-08-10 18:03 - 2014-08-10 18:11 - 00000000 ____D () C:\AdwCleaner
2014-08-10 18:00 - 2014-08-10 18:00 - 01366203 _____ () C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
2014-08-10 10:02 - 2014-08-10 10:02 - 00006773 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer.txt
2014-08-10 08:16 - 2014-08-10 10:24 - 00000239 _____ () C:\Documents and Settings\Administrator\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.url
2014-08-10 08:06 - 2014-08-10 08:06 - 00380416 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer-19357.exe
2014-08-10 08:01 - 2014-08-10 08:01 - 00036618 _____ () C:\Documents and Settings\Administrator\Desktop\Addition.txt
2014-08-10 08:00 - 2014-08-10 20:03 - 00016755 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 08:00 - 2014-08-10 20:03 - 00000000 ____D () C:\FRST
2014-08-10 07:59 - 2014-08-10 20:02 - 01091072 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 07:56 - 2014-08-10 07:57 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 05:02 - 2014-08-10 05:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:14 - 2012-05-24 05:50 - 00956160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ativvamv.dll
2014-08-10 02:14 - 2012-05-24 04:44 - 00205720 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-08-10 02:14 - 2012-05-24 04:42 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-08-10 02:14 - 2011-08-08 22:58 - 00100368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdXP3.sys
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:19 - 2014-08-09 21:26 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 14:09 - 2014-08-10 19:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-08-02 13:59 - 2014-08-02 14:00 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES
2014-08-02 11:56 - 2014-08-02 12:51 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe
2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog
2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool
2014-08-02 07:53 - 2014-08-02 08:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi
2014-08-02 07:52 - 2014-08-02 07:56 - 00000000 ____D () C:\Program Files\Luffi
2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage
2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help
2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search
2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard
2014-08-01 15:53 - 2014-08-01 16:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-01 10:30 - 2014-08-10 19:25 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-01 10:30 - 2014-08-08 15:31 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-10 20:03 - 2014-08-10 08:00 - 00016755 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-08-10 20:03 - 2014-08-10 08:00 - 00000000 ____D () C:\FRST
2014-08-10 20:03 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-08-10 20:02 - 2014-08-10 20:02 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\FRST-OlderVersion
2014-08-10 20:02 - 2014-08-10 07:59 - 01091072 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-08-10 20:01 - 2010-08-26 18:32 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job
2014-08-10 19:53 - 2012-06-25 13:27 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-10 19:49 - 2011-12-15 12:42 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 19:44 - 2014-08-10 19:44 - 00001211 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.2_19-04-38.txt
2014-08-10 19:42 - 2014-08-10 19:42 - 00002218 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.4_19-39-22.txt
2014-08-10 19:40 - 2014-08-10 19:40 - 00004415 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.3_19-06-13.txt
2014-08-10 19:38 - 2014-08-10 19:38 - 00003293 _____ () C:\Documents and Settings\Administrator\Desktop\anti-maleware nr.1_19-35-59.txt
2014-08-10 19:29 - 2009-04-06 15:51 - 00555864 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-10 19:27 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Google Drive
2014-08-10 19:27 - 2009-04-06 16:00 - 01732628 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-10 19:27 - 2009-04-06 16:00 - 00908591 _____ () C:\WINDOWS\setupapi.log
2014-08-10 19:26 - 2014-08-10 18:35 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-10 19:26 - 2009-10-30 12:12 - 00000000 ____D () C:\WINDOWS\SMINST
2014-08-10 19:25 - 2014-08-10 18:08 - 00118784 _____ (SoftThinks) C:\WINDOWS\system32\chg.exe
2014-08-10 19:25 - 2014-08-01 10:30 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-10 19:25 - 2011-12-15 12:42 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 19:25 - 2009-10-24 06:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-10 19:25 - 2009-10-24 06:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-10 19:25 - 2009-10-24 06:53 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-08-10 19:24 - 2009-10-24 06:55 - 00000000 ____D () C:\WINDOWS\L2Schemas
2014-08-10 19:24 - 2009-05-20 13:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-10 19:23 - 2009-10-24 06:52 - 00032468 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-10 19:23 - 2009-10-23 13:33 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-08-10 19:23 - 2009-05-20 13:40 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-10 19:00 - 2011-04-23 19:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508272$
2014-08-10 18:55 - 2014-08-10 18:55 - 00002118 _____ () C:\Documents and Settings\Administrator\Desktop\malwar protololl 1.txt
2014-08-10 18:35 - 2014-08-10 18:35 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-10 18:35 - 2014-08-10 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-10 18:31 - 2014-08-10 18:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-10 18:30 - 2010-10-10 22:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\07_IT
2014-08-10 18:12 - 2014-08-10 18:12 - 00012218 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R0].txt
2014-08-10 18:11 - 2014-08-10 18:03 - 00000000 ____D () C:\AdwCleaner
2014-08-10 18:10 - 2014-08-10 18:10 - 00012279 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[R1].txt
2014-08-10 18:09 - 2014-08-10 18:09 - 00011212 _____ () C:\Documents and Settings\Administrator\Desktop\AdwCleaner[S0].txt
2014-08-10 18:00 - 2014-08-10 18:00 - 01366203 _____ () C:\Documents and Settings\Administrator\Desktop\adwcleaner_3.304.exe
2014-08-10 10:24 - 2014-08-10 08:16 - 00000239 _____ () C:\Documents and Settings\Administrator\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.url
2014-08-10 10:02 - 2014-08-10 10:02 - 00006773 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer.txt
2014-08-10 08:06 - 2014-08-10 08:06 - 00380416 _____ () C:\Documents and Settings\Administrator\Desktop\Gmer-19357.exe
2014-08-10 08:01 - 2014-08-10 08:01 - 00036618 _____ () C:\Documents and Settings\Administrator\Desktop\Addition.txt
2014-08-10 07:57 - 2014-08-10 07:56 - 00000488 _____ () C:\Documents and Settings\Administrator\Desktop\defogger_disable.log
2014-08-10 07:56 - 2014-08-10 07:56 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable
2014-08-10 07:56 - 2009-10-24 06:55 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-10 07:50 - 2014-08-10 07:50 - 00050477 _____ () C:\Documents and Settings\Administrator\Desktop\Defogger.exe
2014-08-10 05:09 - 2014-08-10 05:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-08-10 05:01 - 2014-08-10 05:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\QuickScan
2014-08-10 04:50 - 2009-10-24 06:55 - 00000000 ____D () C:\WINDOWS\Help
2014-08-10 02:22 - 2014-08-10 02:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Program Files\AMD APP
2014-08-10 02:16 - 2014-08-10 02:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Pro Control Center
2014-08-10 02:16 - 2009-10-23 23:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-10 02:15 - 2014-08-10 02:15 - 00017654 _____ () C:\WINDOWS\system32\CCCInstall_201408100215415156.log
2014-08-10 02:15 - 2014-08-10 02:15 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-08-10 02:15 - 2009-10-24 06:59 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-10 02:14 - 2014-08-10 02:14 - 00000000 ____D () C:\Program Files\ATI
2014-08-10 02:10 - 2009-10-23 13:29 - 00000000 ____D () C:\AMD
2014-08-10 01:18 - 2014-08-10 01:18 - 03363688 _____ () C:\Documents and Settings\Administrator\Desktop\UpdateMyDrivers.exe
2014-08-09 21:26 - 2014-08-09 21:19 - 00000000 ____D () C:\Program Files\PCPitstop
2014-08-09 21:19 - 2014-08-09 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCPitstop
2014-08-09 11:59 - 2010-03-21 13:35 - 00000178 ___SH () C:\Documents and Settings\user1.DEBRECEN\ntuser.ini
2014-08-09 11:59 - 2010-03-21 13:35 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp
2014-08-09 11:51 - 2014-08-09 11:51 - 00000000 ____D () C:\Documents and Settings\pg\My Documents\ACER
2014-08-09 11:50 - 2010-10-09 01:28 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\07_IT
2014-08-09 01:34 - 2011-12-30 13:05 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\Local Settings\Application Data\Google
2014-08-09 01:32 - 2009-10-24 01:06 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-08-08 16:24 - 2009-10-30 13:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-08-08 15:54 - 2014-08-08 15:54 - 00000761 _____ () C:\Documents and Settings\Administrator\Start Menu\SnagIt32.lnk
2014-08-08 15:31 - 2014-08-01 10:30 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 14:09 - 2014-08-08 14:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Google Drive
2014-08-08 14:07 - 2014-08-08 14:07 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-08-08 14:07 - 2014-08-08 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-08-08 14:07 - 2009-10-30 13:24 - 00000000 ____D () C:\Program Files\Google
2014-08-06 00:48 - 2009-10-23 22:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PDFC
2014-08-03 20:09 - 2011-02-21 01:50 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\01_Analysis
2014-08-02 14:02 - 2011-04-10 00:41 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Job
2014-08-02 14:02 - 2010-03-21 23:06 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\Jobsearch
2014-08-02 14:00 - 2014-08-02 13:59 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\MAC EXAMPLES
2014-08-02 12:51 - 2014-08-02 11:56 - 05326417 _____ (Phil Harvey) C:\WINDOWS\exiftool.exe
2014-08-02 08:32 - 2014-08-02 08:32 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\SnagIt Catalog
2014-08-02 08:11 - 2014-08-02 08:11 - 00000000 ____D () C:\Program Files\ExifTool
2014-08-02 08:11 - 2014-08-02 07:53 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Luffi
2014-08-02 07:56 - 2014-08-02 07:52 - 00000000 ____D () C:\Program Files\Luffi
2014-08-02 06:24 - 2014-08-02 06:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\FileViewPro
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2014-08-02 06:23 - 2014-08-02 06:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\IsolatedStorage
2014-08-02 06:13 - 2014-08-02 06:13 - 00000000 ____D () C:\Spacekace
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
2014-08-01 21:45 - 2014-08-01 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Help
2014-08-01 17:50 - 2009-10-24 06:53 - 00004288 _____ () C:\WINDOWS\wmsetup.log
2014-08-01 17:50 - 2009-10-24 06:52 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-08-01 17:42 - 2014-08-01 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Windows Search
2014-08-01 16:46 - 2014-08-01 16:46 - 00526936 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-01 16:14 - 2014-08-01 16:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Hewlett-Packard
2014-08-01 16:12 - 2014-08-01 15:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-01 16:12 - 2009-10-23 22:03 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-01 15:53 - 2009-10-23 22:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP Cool Tools
2014-08-01 15:17 - 2011-12-15 12:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Google
2014-08-01 12:19 - 2010-09-07 00:33 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\00_Admin
2014-08-01 10:31 - 2011-12-15 12:41 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2014-08-01 08:44 - 2010-09-19 14:24 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\02_Trading
2014-07-11 21:06 - 2014-03-31 01:20 - 00000000 ____D () C:\Documents and Settings\user1.DEBRECEN\My Documents\IBM
2014-07-11 21:02 - 2013-09-06 11:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-11 21:00 - 2009-10-24 01:51 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-11 21:00 - 2009-10-24 01:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-07-11 20:53 - 2012-06-25 13:27 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-11 20:53 - 2012-06-25 13:27 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\6_Offer_11.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\AtiCimUn.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\FixMyRegistry.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\sfa_inst.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\SpeedUpMyComputer.exe
C:\Documents and Settings\user1.DEBRECEN\Local Settings\Temp\vqhk35cq.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================ --- --- ---
Addition
Zitat Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-08-2014 01
Ran by Administrator at 2014-08-10 20:03:37
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO Codecs (Version: 10.0.0.40103 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6D02AB7E-3B50-C6FE-F1CF-66F763D64E30}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Avery Wizard 5.0 (HKLM\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
BadCopy Pro (HKLM\...\BadCopy Pro) (Version: - )
Broadcom Management Programs (HKLM\...\{C3CB6145-2F42-4C1C-B938-E254C8B5F48B}) (Version: 11.75.09 - Broadcom Corporation)
Canon CanoScan Toolbox 4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version: - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
Catalyst Pro Control Center (Version: 2012.0523.2258.39384 - Ihr Firmenname) Hidden
CCC Help Chinese Standard (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0523.2257.39384 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
ColorNavigator (HKLM\...\{D5312328-0583-4E88-95EF-DE92A01797C2}) (Version: 5.2.3 - EIZO NANAO CORPORATION)
CutePDF (Evaluation) (HKLM\...\CutePDF (Evaluation)) (Version: - )
CutePDF Writer 2.3 (HKLM\...\CutePDF Writer Installation) (Version: - )
dvdisaster-0.72.3 (HKLM\...\dvdisaster_is1) (Version: - dvdisaster project)
EIZO EasyPIX Software (HKLM\...\{E9DF3B08-7541-42E3-AF57-BBF039D1DEE4}) (Version: 1.0.6 - EIZO NANAO CORPORATION)
EIZO ScreenSlicer (HKLM\...\{292A177D-723F-4537-9985-BC8BFCD8B63D}) (Version: 1.0.1.1 - EIZO NANAO CORPORATION)
FireGL driver for 3D Studio MAX/VIZ (HKLM\...\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}) (Version: 6.14.10.5015 - )
Google Drive (HKLM\...\{BF55F7D7-7791-41DD-91D7-8EA595CE548C}) (Version: 1.17.7224.1867 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Backup and Recovery Manager (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 2.5C - Hewlett-Packard Company)
HP Help and Support (HKLM\...\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}) (Version: 4.4.0002 - HPQ)
HP Performance Advisor (HKLM\...\{8E3138D3-686D-4F77-A807-CFF5CAEC98D7}) (Version: 1.7.6530 - Hewlett-Packard Company)
HP Performance Tuning Framework (HKLM\...\{03BFDA4C-5233-4EB6-8BD7-8D0AE3044757}) (Version: 2.28.3117 - Hewlett-Packard)
HydraVision (Version: 4.2.218.0 - Advanced Micro Devices, Inc.) Hidden
IsoBuster 3.2 (HKLM\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Luffi - Let's use freeware! Fun included ;) (v. 2.3.238) (HKLM\...\Luffi) (Version: 1.0.238.0 - Das Luffi Team)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders (German) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft VM for Java (HKLM\...\MsJavaVM) (Version: - )
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version: - )
Norton 360 (HKLM\...\N360) (Version: 4.4.0.12 - Symantec Corporation)
PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.85 - PDF Complete, Inc.)
Skins (Version: 2012.0523.2258.39384 - Advanced Micro Devices, Inc.) Hidden
TomTom HOME (HKLM\...\TomTom HOME) (Version: 2.3.1.92 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UniColor Pro (HKLM\...\{07D4FAFC-5D2C-49B0-9A9C-5726E5559381}) (Version: 1.3.0 - EIZO)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - ColorVision Inc (Spyder) USB (08/07/2006 1.0.0.2) (HKLM\...\3F4E49464F141105CA373E77D00E57404393778F) (Version: 08/07/2006 1.0.0.2 - ColorVision Inc)
Windows Driver Package - Datacolor (Spyder3) USB (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\A106663FD3361BDFACB045D83EBA03858EB1E411) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\F2F24872454C7CAEAABD8BB063F70FBEFF01989D) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - X-Rite (colormunki) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\975DA77B1E3D07FC79378569A82F13404D027518) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\4BCA7532847C66A175AD419E8ED0CB00EA9F9A4A) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\4E0F9F38E610D91FA71E1E43F274568B68C54028) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (i1display) XRiteDevices (08/21/2006 2.0.0.0) (HKLM\...\BE6334FA182AB4DD51AECFD703C81D6B65B2BBF3) (Version: 08/21/2006 2.0.0.0 - X-Rite)
Windows Driver Package - X-Rite (X-Rite) USB (01/10/2007 3.1.0.0) (HKLM\...\79EC760EF05657EC2806CC712767C4C3FCE76693) (Version: 01/10/2007 3.1.0.0 - X-Rite)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-965756728-169831054-4282204201-500_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
==================== Restore Points =========================
29-05-2014 21:20:42 System Checkpoint
29-05-2014 22:11:42 Software Distribution Service 3.0
11-06-2014 20:07:54 Software Distribution Service 3.0
11-07-2014 19:00:16 Software Distribution Service 3.0
01-08-2014 04:48:51 System Checkpoint
01-08-2014 13:53:01 Removed HP Performance Tuning Framework
01-08-2014 13:53:07 Installed HP Performance Tuning Framework
01-08-2014 14:12:14 Installed HP Performance Advisor
03-08-2014 18:56:49 System Checkpoint
05-08-2014 23:13:13 System Checkpoint
07-08-2014 17:34:59 System Checkpoint
08-08-2014 18:09:39 System Checkpoint
09-08-2014 21:12:29 System Checkpoint
10-08-2014 00:15:15 Removed ATI Catalyst Control Center
10-08-2014 03:02:34 Free Driver Scout
10-08-2014 03:05:38 Free Driver Scout
10-08-2014 03:39:40 Removed Shopop
10-08-2014 04:16:13 Removed Microsoft Silverlight
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-10-24 06:53 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9E0D393-B7AA-4CF4-9C2A-849F2A0791C9}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2011-04-09 21:23 - 2004-12-14 09:54 - 00081920 _____ () C:\WINDOWS\system32\cpwmon2k.dll
2014-05-08 13:21 - 2014-05-08 13:21 - 00301056 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU
2009-06-02 14:59 - 2009-06-02 14:59 - 00142336 _____ () C:\Program Files\EIZO\ColorNavigator\CNHid.dll
2009-04-23 10:41 - 2009-04-23 10:41 - 00055808 _____ () C:\Program Files\EIZO\ColorNavigator\CNVideo.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00046080 _____ () C:\Program Files\EIZO\ColorNavigator\HidUsage.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00006656 _____ () C:\Program Files\EIZO\ColorNavigator\DisplayAreaSetting.dll
2009-05-29 16:24 - 2009-05-29 16:24 - 00055296 _____ () C:\Program Files\EIZO\ColorNavigator\CMYKValidation.dll
2009-05-07 11:32 - 2009-05-07 11:32 - 00082944 _____ () C:\Program Files\EIZO\ColorNavigator\ColorProfile.dll
2009-04-02 16:23 - 2009-04-02 16:23 - 00165376 _____ () C:\Program Files\EIZO\ColorNavigator\libcolour.dll
2009-10-30 12:12 - 2006-07-10 11:53 - 00872448 _____ () C:\WINDOWS\SMINST\Scheduler.exe
2008-04-14 14:42 - 2013-01-02 08:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2008-04-14 14:41 - 2008-04-14 14:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 14:42 - 2008-04-14 14:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2010-03-16 12:22 - 2010-03-16 12:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2012-05-23 22:57 - 2012-05-23 22:57 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-10 19:26 - 2014-08-10 19:26 - 00098816 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32api.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00110080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pywintypes27.dll
2014-08-10 19:26 - 2014-08-10 19:26 - 00364544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pythoncom27.dll
2014-08-10 19:26 - 2014-08-10 19:26 - 00045568 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_socket.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 01160704 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_ssl.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00320512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32com.shell.shell.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00713216 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_hashlib.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 01175040 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._core_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00805888 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._gdi_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00811008 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._windows_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 01062400 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._controls_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00735232 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._misc_.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00128512 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_elementtree.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00127488 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pyexpat.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00557056 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\pysqlite2._sqlite.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00007168 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\hashobjs_ext.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00087552 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_ctypes.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00119808 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32file.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00108544 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32security.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00018432 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32event.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00038912 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32inet.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00070656 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._html2.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00167936 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32gui.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00011264 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32crypt.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00027136 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\_multiprocessing.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00686080 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\unicodedata.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00122368 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._wizard.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00010240 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\select.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00024064 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32pipe.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00025600 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32pdh.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00525640 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\windows._lib_cacheinvalidation.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00035840 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32process.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00017408 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32profile.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00022528 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\win32ts.pyd
2014-08-10 19:26 - 2014-08-10 19:26 - 00078336 _____ () C:\Documents and Settings\Administrator\Local Settings\Temp\_MEI12522\wx._animate.pyd
2008-07-16 10:14 - 2008-07-16 10:14 - 00163840 ____R () C:\Program Files\EIZO\EIZO EasyPIX\libcolour.dll
2008-09-05 10:08 - 2008-09-05 10:08 - 00282624 _____ () C:\Program Files\EIZO\EIZO EasyPIX\IccProfLib.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\WINDOWS\exiftool.exe:SummaryInformation
AlternateDataStreams: C:\WINDOWS\exiftool.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/10/2014 05:08:08 AM) (Source: MsiInstaller) (EventID: 11309) (User: DEBRECEN)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)
Error: (08/10/2014 05:02:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application PCSUQuickScan.exe, version 0.0.0.0, faulting module PCSUQuickScan.exe, version 0.0.0.0, fault address 0x00006ee0.
Processing media-specific event for [PCSUQuickScan.exe!ws!]
Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (08/10/2014 05:01:37 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (08/10/2014 00:32:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (08/10/2014 00:32:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (08/10/2014 00:32:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (08/10/2014 00:32:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (08/09/2014 10:32:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f.
Processing media-specific event for [iexplore.exe!ws!]
Error: (08/09/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f.
Processing media-specific event for [iexplore.exe!ws!]
System errors:
=============
Error: (08/10/2014 07:26:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
Error: (08/10/2014 07:25:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
Error: (08/10/2014 07:25:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
atapi
i8042prt
Error: (08/10/2014 07:24:49 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1
Error: (08/10/2014 07:01:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
atapi
i8042prt
Error: (08/10/2014 06:08:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt
Error: (08/10/2014 02:10:35 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\iaStor0
Error: (08/10/2014 10:19:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt
Error: (08/10/2014 10:19:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the N360 service.
Error: (08/10/2014 10:19:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the N360 service.
Microsoft Office Sessions:
=========================
Error: (02/11/2012 02:53:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1028 seconds with 1020 seconds of active time. This session ended with a crash.
Error: (01/22/2011 10:16:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30333 seconds with 1080 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 3567.21 MB
Available physical RAM: 2714.68 MB
Total Pagefile: 5448.3 MB
Available Pagefile: 4285.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:453.3 GB) (Free:395.14 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive j: (HP_RECOVERY) (Fixed) (Total:12.46 GB) (Free:2.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3B2B3B2B)
Partition 1: (Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |