Pests of all kinds and how to fight them: Tried to remove System Care Antivirus - really deleted? Is the PC safe? (Windows 7) |
05.07.2013, 06:52 | #1 |
| Hello everyone, I'm new here and a novice when it comes to viruses and trojans. My wife called me quite unexpectedly yesterday and said the laptop was acting up. When I got home in the evening, there was a program called System Care Antivirus on the desktop, in the taskbar, in the Start menu, and open on the screen. It said my computer was infected and that I should buy this program, which of course I did not do. After numerous attempts and scans with AntiVir and Glary Utilities, I downloaded Spybot. I also deleted the corresponding System Care Antivirus folder in the ProgramData folder on C:\. The folder name was a long sequence of digits, or rather of digits and letters. This folder contained 3 files, including this program. Overnight my AntiVir also found 2 trojans, which were quarantined. Don't ask me which ones they were. Now my PC is actually running as well as before again. I'm just afraid that my computer is not clean and that passwords or the like are being phished. What can I do to make sure that everything is clean? I don't want to wipe the machine. I would be grateful for any help. |
05.07.2013, 06:56 | #2 |
/// the machine /// TB Trainer | Hi,
System scan with FRST: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: Start > Computer (right-click) > Properties) |
05.07.2013, 07:16 | #3 |
| I'll give that a try this evening. I'm at work right now.
Will you still be around this evening, Schrauber? |
05.07.2013, 09:33 | #4 |
/// the machine /// TB Trainer | I live here
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
05.07.2013, 12:46 | #5 |
| FRST Logfile: Code:
2013-07-03 06:21 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-07-03 06:21 - 2013-07-03 06:21 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-07-03 06:21 - 2013-07-03 06:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-07-03 06:21 - 2013-07-03 06:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-07-03 06:21 - 2013-07-03 06:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-07-03 06:21 - 2013-07-03 06:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-07-03 06:21 - 2013-07-03 06:21 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-07-01 18:17 - 2009-08-12 22:45 - 00006540 ____A C:\fpRedmon.log 2013-07-01 18:17 - 2009-08-12 22:45 - 00000000 ____D C:\Users\Patrick Zirk\AppData\Local\FreePDF_XP 2013-06-16 15:26 - 2010-01-29 23:38 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-04 23:25 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-07-2013 Ran by Patrick Zirk at 2013-07-05 13:45:29 Running from C:\Users\Patrick Zirk\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 ActiveX (Version: 11.1.102.55) Adobe Flash Player 11 Plugin (Version: 11.4.402.287) Adobe Reader 9.0.1 - Deutsch (Version: 9.0.1) Adobe SVG Viewer 3.0 (Version: 3.0) Advertising Center (Version: 0.0.0.1) Apple Software Update (Version: 1.0.0.7) ASUS Live Update (Version: 2.5.9) ASUS Power4Gear Hybrid (Version: 1.1.24) ASUS Splendid Video Enhancement Technology (Version: 1.02.0028) ASUS Virtual Camera (Version: 1.0.19) Asus_Camera_ScreenSaver (Version: 2.0.0007) Atheros Client Installation Program (Version: 7.0) ATK Generic Function Service (Version: 1.00.0008) ATK Hotkey (Version: 1.0.0053) ATK Media (Version: 2.0.0006) ATKOSD2 (Version: 7.0.0007) Avira Free Antivirus (Version: 12.1.9.2400) Cisco EAP-FAST Module (Version: 2.2.9) Cisco LEAP Module (Version: 1.0.15) Cisco PEAP Module (Version: 1.1.2) CPUID CPU-Z 1.52.1 CyberLink LabelPrint (Version: 2.0.2908) CyberLink PowerDVD 9 (Version: 9.0.1501) CyberLink PowerDVD 9 (Version: 9.0.2201) ElsterFormular (Version: 14.1.11318) ElsterFormular 2008/2009 (Version: 10.2.1.0) Eraser 6.0.8.2273 (Version: 6.0.2273) Express Burn Disc Burning Software Express Gate (Version: 1.1.6.0) FileZilla Client 3.2.4.1 (HKCU Version: 3.2.4.1) FreePDF (Remove only) Glary Utilities 3 (v3.6.0.125) (Version: 3.6.0.125) GPL Ghostscript 8.70 Inkscape 0.48.2 (Version: 0.48.2) Java Auto Updater (Version: 2.0.3.1) Java(TM) 6 Update 24 (Version: 6.0.240) Junk Mail filter update (Version: 14.0.8089.726) LightScribe System Software 1.14.17.1 (Version: 1.14.17.1) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 
Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office Outlook Connector (Version: 12.0.6414.1000) Microsoft Office XP Small Business (Version: 10.0.6626.0) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Mozilla Firefox (3.6.3) (Version: 3.6.3 (de)) MSVC80_x86_v2 (Version: 1.0.3.0) MSVC90_x86 (Version: 1.0.1.2) MSVCRT (Version: 14.0.1468.721) MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) NB Probe Nero 9 Essentials Nero ControlCenter (Version: 9.0.0.1) Nero Installer (Version: 4.4.9.0) Nero Online Upgrade (Version: 1.3.0.0) Nero StartSmart (Version: 9.4.12.100) Nero StartSmart OEM (Version: 9.4.10.100) neroxml (Version: 1.0.0) NVIDIA Drivers (Version: 1.9) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0) Picasa 3 (Version: 3.9) RealPlayer Realtek High Definition Audio Driver (Version: 6.0.1.5915) Realtek USB 2.0 Card Reader (Version: ) Realtek USB 2.0 Card Reader (Version: 6.1.7100.30087) RedMon - Redirection Port Monitor SRS Premium Sound Control Panel (Version: 1.07.0300) 
Synaptics Pointing Device Driver (Version: 13.2.6.1) Synchredible v1.5 TomTom HOME 2.8.2.2264 (Version: 2.8.2.2264) TomTom HOME Visual Studio Merge Modules (Version: 1.0.2) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) USB 2.0 UVC 1.3M WebCam WIDCOMM Bluetooth Software (Version: 5.2.0.800) Windows Live Call (Version: 14.0.8064.0206) Windows Live Communications Platform (Version: 14.0.8098.930) Windows Live Essentials (Version: 14.0.8089.0726) Windows Live Essentials (Version: 14.0.8089.726) Windows Live Family Safety (Version: 14.0.8093.805) Windows Live Fotogalerie (Version: 14.0.8081.709) Windows Live ID-Anmelde-Assistent (Version: 6.500.3165.0) Windows Live Mail (Version: 14.0.8089.0726) Windows Live Messenger (Version: 14.0.8089.0726) Windows Live Movie Maker (Version: 14.0.8091.0730) Windows Live Sync (Version: 14.0.8089.726) Windows Live Writer (Version: 14.0.8089.0726) Windows Live-Uploadtool (Version: 14.0.8014.1029) WinFlash (Version: 2.29.0) WinRAR Wireless Console 2 (Version: 2.0.10) ==================== Restore Points ========================= 22-06-2013 10:43:29 Windows Update 24-06-2013 13:25:14 Windows-Sicherung 26-06-2013 03:57:09 Windows Update 01-07-2013 16:14:56 Windows-Sicherung 02-07-2013 12:59:09 Windows Update 03-07-2013 04:16:27 Windows Update 04-07-2013 16:26:02 Windows Defender Checkpoint 04-07-2013 18:32:48 Windows Update 04-07-2013 18:44:36 Windows-Sicherung 04-07-2013 18:46:08 Ovi Desktop Sync Engine wird entfernt 04-07-2013 18:47:16 OviMPlatform wird entfernt 04-07-2013 18:48:16 PC Connectivity Solution wird entfernt 04-07-2013 18:49:28 Removed Norton Internet Security 04-07-2013 18:55:48 Nokia Connectivity Cable Driver wird entfernt 04-07-2013 19:31:00 Windows-Sicherung ==================== Hosts content: ========================== 2006-11-02 12:23 - 
2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {18F7772F-8370-472B-83AE-9F854452EF93} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {28180CF4-E229-4361-A995-5477B52517A7} - System32\Tasks\ACMON => C:\Program Files\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {2D41F2F0-A116-40F2-9E79-DF72B5FF4913} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation) Task: {396A6AE6-4369-47B3-A426-58D369B5A58E} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {46DCDF0F-A56A-405E-A3BE-E771D8C12C5D} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-09-08] (ATK) Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs No File Task: {599FBC98-E805-4378-91CB-0BA1E3812FFE} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Patrick Zirk => C:\Program Files\Windows Calendar\WinCal.exe No File Task: {66FAEAA7-2441-4FE2-977B-5C5BDFE46C5D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (Microsoft Corp.) Task: {7C81F297-C287-48C2-924E-857C77EFDB0B} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-11] (TODO: <Company name>) Task: {8C1FB847-8C13-4A11-9E53-FA8685BBB786} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2006-08-29] (Apple Computer, Inc.) 
Task: {945048E5-2925-4FD1-9FB6-1D77074DECF8} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {98666571-8DFB-4FEE-B31E-212F943BCE85} - System32\Tasks\GlaryInitialize 3 => C:\Program Files\Glary Utilities 3\Initialize.exe [2013-07-04] (Glarysoft Ltd) Task: {A282CEF2-991C-42DF-AC6A-0166041B766B} - System32\Tasks\{7D0299BE-3659-4755-B22C-52D2EBFA131F} => C:\Program Files\Eraser\Eraser.exe [2010-11-04] (The Eraser Project) Task: {B78EF204-C339-40F3-9F20-A0A439CE5B54} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation) Task: {D8A177F7-C3AC-4F10-AF58-921510295ED6} - System32\Tasks\Net4Switch => C:\Program Files\ASUS\Net4Switch\Net4Switch.exe No File Task: {E3E9A9D5-3633-4676-90A5-7D6DB1F25E4D} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs No File Task: {F4663087-7571-4AD6-9F33-94A92CB3E72D} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation) Task: {F8B3CEAA-028D-41D2-A548-7CBB0A63BE70} - System32\Tasks\Driver Robot => C:\Program Files\Driver Robot\1.0.9.13\DriverRobot.exe No File Task: C:\Windows\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe Task: C:\Windows\Tasks\Driver Robot.job => C:\Program Files\Driver Robot\1.0.9.13\DriverRobot.exe Task: C:\Windows\Tasks\GlaryInitialize 3.job => C:\Program Files\Glary Utilities 3\Initialize.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/05/2013 01:39:08 PM) (Source: WinMgmt) (User: ) Description: 
//./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/05/2013 01:00:48 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/05/2013 06:01:43 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2013 11:26:18 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/04/2013 11:26:14 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/04/2013 11:25:53 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "version"-Attribut fehlt im assemblyIdentity-Element. 
Error: (07/04/2013 11:25:53 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "version"-Attribut fehlt im assemblyIdentity-Element. Error: (07/04/2013 11:25:51 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "version"-Attribut fehlt im assemblyIdentity-Element. Error: (07/04/2013 11:25:51 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "version"-Attribut fehlt im assemblyIdentity-Element. Error: (07/04/2013 11:25:51 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "version"-Attribut fehlt im assemblyIdentity-Element. System errors: ============= Error: (07/05/2013 01:16:27 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/05/2013 01:16:27 PM) (Source: Service Control Manager) (User: ) Description: Dienst "LightScribeService Direct Disc Labeling Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/05/2013 01:16:27 PM) (Source: Service Control Manager) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (07/04/2013 09:16:19 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/04/2013 09:16:19 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error: (07/04/2013 09:06:39 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/04/2013 09:06:39 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error: (07/04/2013 08:49:37 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) Description: 0xc000014d73\??\GLOBALROOT\Device\HarddiskVolumeShadowCopy54\Users\default\ntuser.dat Error: (07/04/2013 02:25:24 PM) (Source: DCOM) (User: ) Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58} Error: (06/29/2013 02:42:14 PM) (Source: Virtual Disk Service) (User: ) Description: Unerwarteter Anbieterfehler. Möglicherweise kann das Problem durch erneutes Starten des Dienstes behoben werden. 
Fehlercode: 8007001F@02000014 Microsoft Office Sessions: ========================= Error: (07/05/2013 01:39:08 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/05/2013 01:00:48 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/05/2013 06:01:43 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2013 11:26:18 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\glary utilities 3\Native\wxp_x86\RegBootDefrag.exe Error: (07/04/2013 11:26:14 PM) (Source: SideBySide)(User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\glary utilities 3\DPInst64.exe Error: (07/04/2013 11:25:53 PM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionC:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\SoftwareUpdateFilesLocalized.dll.ManifestC:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\SoftwareUpdateFilesLocalized.dll.Manifest2 Error: (07/04/2013 11:25:53 PM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionC:\Program Files\Apple Software Update\plugins\MSIInstallPlugin.dll.ManifestC:\Program Files\Apple Software Update\plugins\MSIInstallPlugin.dll.Manifest2 Error: (07/04/2013 11:25:51 PM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionC:\Program 
Files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\SoftwareUpdateLocalized.dll.ManifestC:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\SoftwareUpdateLocalized.dll.Manifest2 Error: (07/04/2013 11:25:51 PM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionC:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\SoftwareUpdateLocalized.dll.ManifestC:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\SoftwareUpdateLocalized.dll.Manifest2 Error: (07/04/2013 11:25:51 PM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionC:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\SoftwareUpdateFilesLocalized.dll.ManifestC:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\SoftwareUpdateFilesLocalized.dll.Manifest2 ==================== Memory info =========================== Percentage of memory in use: 46% Total physical RAM: 3071.34 MB Available physical RAM: 1634.96 MB Total Pagefile: 6140.96 MB Available Pagefile: 4369.08 MB Total Virtual: 2047.88 MB Available Virtual: 1905.04 MB ==================== Drives ================================ Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:108.89 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Daten) (Fixed) (Total:137.33 GB) (Free:128.84 GB) NTFS Drive f: (Ablage) (Fixed) (Total:149.04 GB) (Free:32.51 GB) NTFS Drive g: (Musik-Fotos-Filme) (Fixed) (Total:149.04 GB) (Free:89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 97646C29) Partition 1: (Not Active) - (Size=12 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=137 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 298 GB) (Disk ID: BBC58B91) Partition 1: 
(Not Active) - (Size=149 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
05.07.2013, 17:08 | #6 | |
/// the machine /// TB Trainer | Tried to remove System Care Antivirus - really deleted? PC safe? Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ --> Tried to remove System Care Antivirus - really deleted? PC safe? |
05.07.2013, 17:49 | #7 |
| Tried to remove System Care Antivirus - really deleted? PC safe? Syntax error |
05.07.2013, 17:58 | #8 |
/// the machine /// TB Trainer | Tried to remove System Care Antivirus - really deleted? PC safe? Peanut butter sandwich. Notice something? A bit more info please; a sentence with a subject, predicate and adjective would be really great
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
05.07.2013, 18:04 | #9 |
| Tried to remove System Care Antivirus - really deleted? PC safe? The input window with the blue background says: "Searching for infected files... This normally takes no longer than 10 minutes. The scan time for heavily infected machines can easily double. Syntax error." I have just restored my system to 01.07.13. Somehow nothing was working anymore. Internet dead, etc. I then restarted and restored the system. Do you think that has also taken care of the problem with the virus? |
06.07.2013, 08:34 | #10 |
/// the machine /// TB Trainer | Tried to remove System Care Antivirus - really deleted? PC safe? Very strange. Please post a fresh FRST log file.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |