Interpol Virus & RunDLL Fehlermeldung

MickeyBlue · 21.02.2014, 21:42

Hallo,

mein Computer ist mit dem Interpol-Virus befallen d.h. direkt nach dem Anmelden Anzeige des Interpol-Warnbildschirms mit Zahlungsaufforderung und Kamerabild. Es war nicht moeglich, Safe Mode zu starten.

Nach mehrmaligen Startversuchen ist es mir gelungen, MalwareBytes zu aktualisieren und laufen zu lassen. Nach dem QuickScan wurden 5 fehlerhafte Dateien gefunden und entfernt.
Hier das Log file:
*****************************
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.20.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Cathleen :: FRED [administrator]

20/02/2014 22:00:25
mbam-log-2014-02-20 (22-00-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277814
Time elapsed: 25 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\ProgramData\fbrfnb0e.cpp (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Users\Cathleen\AppData\Local\Temp\Low\0800.dll (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Users\Cathleen\Downloads\SoftonicDownloader_for_expat-shield (1).exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Users\Cathleen\Downloads\SoftonicDownloader_for_expat-shield.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Users\Cathleen\AppData\Local\Temp\SetupDataMngr_Searchqu.exe (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.

(end)
*****************************************************

Danach konnte der PC gestartet werden; der Interpol-Bildschirm erschien nicht mehr allerdings eine RunDLL-Fehlermeldung. Ich habe noch ein FullSystemScan mit Malwarebytes durchgefuehrt.
Hier das Log File:
**************************************************
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.20.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Cathleen :: FRED [administrator]

20/02/2014 23:07:50
mbam-log-2014-02-20 (23-07-50).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 471480
Time elapsed: 3 hour(s), 1 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> No action taken.

(end)
****************************************************

Heute habe ich FRST.exe laufen lassen.
Hier das Log File:
**********************************
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by SYSTEM on MINWINPC on 21-02-2014 20:46:24
Running from F:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-25] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13548064 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [91432 2008-07-08] (cyberlink)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2008-05-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-05-14] ()
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [497000 2009-07-30] (Sony Corporation)
HKLM\...\Run: [BDAgent] - C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1199344 2012-12-08] (Bitdefender)
HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2552856 2014-02-03] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Cathleen\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-05-23] (Hewlett-Packard Company)
HKU\Cathleen\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-06] (SUPERAntiSpyware)
HKU\Cathleen\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\TEMP.Fred.001\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Cathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e0bnfrbf.lnk
ShortcutTarget: e0bnfrbf.lnk -> C:\PROGRA~2\fbrfnb0e.cpp (No File)

========================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
S2 ExpatShieldService; C:\Program Files\Expat Shield\bin\openvpnas.exe [331608 2012-01-17] ()
S2 ExpatSrv; C:\Program Files\Expat Shield\HssWPR\hsssrv.exe [363336 2012-01-04] (AnchorFree Inc.)
S3 ExpatTrayService; C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-17] ()
S2 ExpatWd; C:\Program Files\Expat Shield\bin\hsswd.exe [329544 2012-01-04] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-12] ()
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [307544 2011-10-14] (BitDefender)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [55032 2012-08-20] (Bitdefender)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1554176 2012-12-08] (Bitdefender)
S2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-08] (AVG Secure Search)
S2 Winmgmt; C:\PROGRA~2\fbrfnb0e.cpp [X]

==================== Drivers (Whitelisted) ====================

S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [622616 2012-12-08] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [481464 2012-12-08] (BitDefender)
S1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-11] (AVG Technologies)
S1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77192 2012-08-20] (BitDefender LLC)
S0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [360976 2011-08-16] (BitDefender)
S1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [63056 2011-11-17] (BitDefender SRL)
S1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys [132600 2012-08-20] (BitDefender LLC)
S1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [85128 2010-01-19] (BitDefender)
S3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-01-04] (AnchorFree Inc.)
S2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-09-11] (SAMSUNG ELECTRONICS CO., LTD.)
S1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2013-12-12] ()
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-07-26] (AnchorFree Inc)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [340624 2011-10-27] (BitDefender S.R.L.)
S3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [242048 2008-06-04] (Vimicro Corporation)
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [61424 2008-07-08] (Cyberlink Corp.)
S5 avchv; C:\Windows\System32\Drivers\avchv.sys [242504 2012-12-08] (BitDefender)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-21 20:46 - 2014-02-21 20:46 - 00000000 ____D () C:\FRST
2014-02-20 13:39 - 2014-02-20 13:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-18 12:50 - 2014-02-18 12:51 - 95027928 ____T () C:\ProgramData\e0bnfrbf.fee
2014-02-14 12:42 - 2014-02-05 00:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-14 12:42 - 2014-02-05 00:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-14 12:42 - 2014-02-05 00:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-14 12:42 - 2014-02-05 00:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-14 12:42 - 2014-02-05 00:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-14 12:42 - 2014-02-05 00:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-14 12:42 - 2014-02-05 00:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-14 12:41 - 2014-02-05 00:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-14 12:41 - 2014-02-05 00:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-02-14 12:41 - 2014-02-05 00:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-14 12:41 - 2014-02-05 00:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-14 12:41 - 2014-02-05 00:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-14 12:41 - 2014-02-05 00:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-14 12:41 - 2014-02-05 00:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-14 12:41 - 2014-02-05 00:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-14 12:41 - 2014-02-05 00:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-02-14 06:01 - 2013-12-04 18:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-02-02 12:25 - 2014-02-02 12:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 12:23 - 2014-02-02 12:46 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 12:23 - 2014-02-02 12:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 12:22 - 2014-02-02 12:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 12:20 - 2014-02-02 12:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 12:17 - 2014-02-02 12:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 10:09 - 2014-02-02 10:07 - 00264616 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2014-02-02 10:08 - 2014-02-02 10:07 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2014-02-02 10:08 - 2014-02-02 10:07 - 00174504 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2014-02-02 10:08 - 2014-02-02 10:07 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2014-02-02 10:05 - 2014-02-02 10:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe
2014-01-22 11:37 - 2014-01-22 11:37 - 00107256 _____ (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys

==================== One Month Modified Files and Folders =======

2014-02-21 20:46 - 2014-02-21 20:46 - 00000000 ____D () C:\FRST
2014-02-20 17:32 - 2009-03-07 01:48 - 01048939 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 17:32 - 2008-09-11 21:21 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-20 17:32 - 2006-11-02 04:47 - 00004784 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 17:32 - 2006-11-02 04:47 - 00004784 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 14:06 - 2008-09-14 21:15 - 00141316 _____ () C:\ProgramData\nvModes.001
2014-02-20 14:03 - 2008-01-20 18:47 - 00422568 _____ () C:\Windows\PFRO.log
2014-02-20 13:40 - 2012-08-07 10:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-20 13:39 - 2014-02-20 13:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-20 12:39 - 2010-03-09 11:25 - 00000376 _____ () C:\Users\Cathleen\AppData\Roamingprivacy.xml
2014-02-18 12:51 - 2014-02-18 12:50 - 95027928 ____T () C:\ProgramData\e0bnfrbf.fee
2014-02-17 13:13 - 2009-11-21 12:08 - 00000000 ____D () C:\Users\Cathleen\Documents\Travel
2014-02-16 11:34 - 2009-04-16 12:48 - 00002627 _____ () C:\Users\Cathleen\Desktop\Microsoft Office Word 2007.lnk
2014-02-15 02:43 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 12:51 - 2006-11-02 02:33 - 00709998 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-14 12:49 - 2013-08-15 12:45 - 00000000 ____D () C:\Windows\System32\MRT
2014-02-14 12:47 - 2006-11-02 02:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\System32\mrt.exe
2014-02-09 03:03 - 2012-08-07 10:54 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-05 00:58 - 2014-02-14 12:41 - 12345344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-05 00:56 - 2014-02-14 12:41 - 01806848 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-02-05 00:53 - 2014-02-14 12:41 - 09739264 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-05 00:51 - 2014-02-14 12:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-05 00:50 - 2014-02-14 12:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-05 00:49 - 2014-02-14 12:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-05 00:49 - 2014-02-14 12:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-05 00:48 - 2014-02-14 12:42 - 00421376 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-05 00:48 - 2014-02-14 12:42 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-05 00:48 - 2014-02-14 12:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-05 00:48 - 2014-02-14 12:41 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-05 00:48 - 2014-02-14 12:41 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-02-05 00:47 - 2014-02-14 12:42 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-05 00:47 - 2014-02-14 12:42 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-05 00:47 - 2014-02-14 12:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-05 00:46 - 2014-02-14 12:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-03 11:43 - 2012-09-13 10:58 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-02-02 12:46 - 2014-02-02 12:23 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 12:25 - 2014-02-02 12:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 12:23 - 2014-02-02 12:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 12:23 - 2008-09-11 05:36 - 00000000 ____D () C:\Program Files\Adobe
2014-02-02 12:22 - 2014-02-02 12:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 12:20 - 2014-02-02 12:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 12:17 - 2014-02-02 12:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 10:07 - 2014-02-02 10:09 - 00264616 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2014-02-02 10:07 - 2014-02-02 10:08 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2014-02-02 10:07 - 2014-02-02 10:08 - 00174504 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2014-02-02 10:07 - 2014-02-02 10:08 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2014-02-02 10:07 - 2012-05-26 10:22 - 00000000 ____D () C:\Program Files\Java
2014-02-02 10:05 - 2014-02-02 10:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe
2014-02-02 10:00 - 2011-12-04 07:40 - 00000000 ____D () C:\Users\Cathleen\Documents\Telekom
2014-01-27 12:01 - 2011-06-03 11:27 - 00000000 ____D () C:\Users\Cathleen\Documents\Guides
2014-01-22 11:37 - 2014-01-22 11:37 - 00107256 _____ (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys

Files to move or delete:
====================
C:\ProgramData\e0bnfrbf.fee
C:\Users\Cathleen\msiscan.exe
C:\Users\Cathleen\none.dat
C:\Users\Cathleen\pluginsx86.exe

Some content of TEMP:
====================
C:\Users\Cathleen\AppData\Local\Temp\AskSLib.dll
C:\Users\Cathleen\AppData\Local\Temp\avguidx.dll
C:\Users\Cathleen\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Cathleen\AppData\Local\Temp\InstallAX.exe
C:\Users\Cathleen\AppData\Local\Temp\installhelper.dll
C:\Users\Cathleen\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Cathleen\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Cathleen\AppData\Local\Temp\oi_{99C2D675-E249-4973-8ABA-5AEE6F17217E}.exe
C:\Users\Cathleen\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Cathleen\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Cathleen\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\Cathleen\AppData\Local\Temp\tbHots.dll
C:\Users\Cathleen\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\{F3122F18-A44F-4D2A-8401-7A1D75CC0534}-GoogleUpdateSetup.exe

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2014-02-19 08:24:06

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 3065.88 MB
Available physical RAM: 2569.93 MB
Total Pagefile: 2795.23 MB
Available Pagefile: 2647.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.88 GB) (Free:4.48 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:111 GB) (Free:34.91 GB) NTFS
Drive f: (INTENSO) (Removable) (Total:7.46 GB) (Free:5.76 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive z: (RECOVERY) (Fixed) (Total:10 GB) (Free:1.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 828F7BBA)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

LastRegBack: 2014-02-20 14:11

==================== End Of Log ============================
*************************************************

Wenn ich den Computer jetzt starte, erscheint weiterhin diese Fehlermeldung:

RunDLL
Error loading C:\PROGRA~2\fbrfnb0e.cpp
The specified module could not be found.

Bitte um Hilfe zu den naechsten Schritten, die ich tun sollte, um das Problem zu loesen.
Vielen Dank.

aharonov · 21.02.2014, 23:20

Hallo,

ist die Fehlermeldung nach diesem Fix weg?

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\Cathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e0bnfrbf.lnk
S2 Winmgmt; C:\PROGRA~2\fbrfnb0e.cpp [X]
2014-02-18 12:50 - 2014-02-18 12:51 - 95027928 ____T () C:\ProgramData\e0bnfrbf.fee

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

MickeyBlue · 22.02.2014, 11:14

Hallo,

ja, die Fehlermeldung ist jetzt weg.

Hier das Fixlog.

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-02-2014
Ran by SYSTEM at 2014-02-22 11:03:41 Run:1
Running from F:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
C:\Users\Cathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e0bnfrbf.lnk
S2 Winmgmt; C:\PROGRA~2\fbrfnb0e.cpp [X]
2014-02-18 12:50 - 2014-02-18 12:51 - 95027928 ____T () C:\ProgramData\e0bnfrbf.fee
         
*****************

C:\Users\Cathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e0bnfrbf.lnk => Moved successfully.
Winmgmt => Service restored successfully.
C:\ProgramData\e0bnfrbf.fee => Moved successfully.

==== End of Fixlog ====

Danke.

aharonov · 22.02.2014, 12:40

Gut, dann weiter im normalen Modus.

Verschiebe die frst.exe vom USB-Stick auf den Desktop.

Starte dann FRST.
Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.

MickeyBlue · 22.02.2014, 13:50

OK, hier kommen die Ergebnisse.

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by Cathleen (administrator) on FRED on 22-02-2014 13:35:27
Running from C:\Users\Cathleen\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Expat Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files\Expat Shield\HssWPR\hsssrv.exe
() C:\Program Files\Expat Shield\bin\hsswd.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony Corporation) C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
() C:\Program Files\Expat Shield\bin\openvpntray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13548064 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [91432 2008-07-08] (cyberlink)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2008-05-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-05-14] ()
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [497000 2009-07-30] (Sony Corporation)
HKLM\...\Run: [BDAgent] - C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1199344 2012-12-08] (Bitdefender)
HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2552856 2014-02-03] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3170865763-2558761018-2506321480-1003\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-05-23] (Hewlett-Packard Company)
HKU\S-1-5-21-3170865763-2558761018-2506321480-1003\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3170865763-2558761018-2506321480-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {9D32C98F-7BE7-4F7B-9278-0D052EAEB4F0} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e6961ce300000000000000ff2924f3ed&r=954
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={66F95653-FB60-4AA2-BB81-D648B92B11B6}&mid=36a08d0833ef47d0aa4bd15a31511a4d-d95e39382abdbedb8668029aafa4c4895d63914e&lang=en&ds=pd011&pr=sa&d=2012-09-13 20:58:13&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9D32C98F-7BE7-4F7B-9278-0D052EAEB4F0} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e6961ce300000000000000ff2924f3ed&r=954
SearchScopes: HKCU - {B2B05320-7510-4882-9617-5533ED3A23D1} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552&CUI=UN39538628683087518&UM=1
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.8.19.3\bh\Softonic.dll (Softonic.com)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://express.foto.com/ImageUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: haufereader - No CLSID Value - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (AVG Security Toolbar) - C:\Users\Cathleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-09-13]
CHR Extension: (Google Wallet) - C:\Users\Cathleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.19.3\Softonic.crx [2013-05-01]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-08]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 ExpatShieldService; C:\Program Files\Expat Shield\bin\openvpnas.exe [331608 2012-01-17] ()
R2 ExpatSrv; C:\Program Files\Expat Shield\HssWPR\hsssrv.exe [363336 2012-01-05] (AnchorFree Inc.)
S3 ExpatTrayService; C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-17] ()
R2 ExpatWd; C:\Program Files\Expat Shield\bin\hsswd.exe [329544 2012-01-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] ()
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [307544 2011-10-14] (BitDefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [55032 2012-08-20] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1554176 2012-12-08] (Bitdefender)
R2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-08] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [622616 2012-12-08] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [481464 2012-12-08] (BitDefender)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-11] (AVG Technologies)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77192 2012-08-20] (BitDefender LLC)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [360976 2011-08-16] (BitDefender)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [63056 2011-11-17] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys [132600 2012-08-20] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [85128 2010-01-19] (BitDefender)
R3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-01-05] (AnchorFree Inc.)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-09-11] (SAMSUNG ELECTRONICS CO., LTD.)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2013-12-12] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-07-26] (AnchorFree Inc)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [340624 2011-10-27] (BitDefender S.R.L.)
R3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [242048 2008-06-05] (Vimicro Corporation)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [61424 2008-07-08] (Cyberlink Corp.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [242504 2012-12-08] (BitDefender)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-22 13:35 - 2014-02-22 13:36 - 00016241 _____ () C:\Users\Cathleen\Desktop\FRST.txt
2014-02-22 13:32 - 2014-02-21 16:21 - 01142784 _____ (Farbar) C:\Users\Cathleen\Desktop\FRST.exe
2014-02-22 05:46 - 2014-02-22 13:35 - 00000000 ____D () C:\FRST
2014-02-20 22:39 - 2014-02-20 22:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-14 21:42 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 21:42 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 21:42 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 21:42 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 21:42 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 21:42 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 21:42 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 21:41 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 21:41 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 21:41 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 21:41 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 21:41 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 21:41 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 21:41 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 21:41 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 21:41 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 15:01 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-10 11:35 - 2014-02-10 11:35 - 00107256 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKELL.sys
2014-02-02 21:25 - 2014-02-02 21:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 21:23 - 2014-02-02 21:46 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 21:23 - 2014-02-02 21:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 21:22 - 2014-02-02 21:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 21:20 - 2014-02-02 21:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 21:17 - 2014-02-02 21:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 19:09 - 2014-02-02 19:07 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-02 19:08 - 2014-02-02 19:07 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-02 19:08 - 2014-02-02 19:07 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-02 19:08 - 2014-02-02 19:07 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-02 19:05 - 2014-02-02 19:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe

==================== One Month Modified Files and Folders =======

2014-02-22 13:36 - 2014-02-22 13:35 - 00016241 _____ () C:\Users\Cathleen\Desktop\FRST.txt
2014-02-22 13:35 - 2014-02-22 05:46 - 00000000 ____D () C:\FRST
2014-02-22 13:34 - 2012-01-17 22:25 - 00000000 ____D () C:\Users\Cathleen\Documents\PC
2014-02-22 13:33 - 2006-11-02 11:33 - 00703388 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-22 13:32 - 2008-09-15 06:15 - 00141316 _____ () C:\ProgramData\nvModes.001
2014-02-22 13:14 - 2010-05-31 20:23 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-22 13:06 - 2006-11-02 13:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 13:06 - 2006-11-02 13:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 11:49 - 2011-06-03 20:27 - 00000000 ____D () C:\Users\Cathleen\Documents\Guides
2014-02-22 11:16 - 2010-02-02 22:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-22 11:07 - 2009-04-17 20:22 - 00000000 ____D () C:\Users\Cathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite
2014-02-22 11:06 - 2013-06-03 21:57 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-02-22 11:06 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-22 10:54 - 2009-03-07 10:48 - 01111637 _____ () C:\Windows\WindowsUpdate.log
2014-02-22 10:54 - 2008-09-12 06:21 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-22 10:54 - 2006-11-02 14:01 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-22 10:41 - 2012-08-07 19:54 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 21:40 - 2009-04-16 21:48 - 00002627 _____ () C:\Users\Cathleen\Desktop\Microsoft Office Word 2007.lnk
2014-02-21 16:21 - 2014-02-22 13:32 - 01142784 _____ (Farbar) C:\Users\Cathleen\Desktop\FRST.exe
2014-02-20 23:03 - 2008-01-21 03:47 - 00422568 _____ () C:\Windows\PFRO.log
2014-02-20 22:40 - 2012-08-07 19:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-20 22:39 - 2014-02-20 22:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-20 21:39 - 2010-03-09 20:25 - 00000376 _____ () C:\Users\Cathleen\AppData\Roamingprivacy.xml
2014-02-17 22:13 - 2009-11-21 21:08 - 00000000 ____D () C:\Users\Cathleen\Documents\Travel
2014-02-15 11:43 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 21:49 - 2013-08-15 21:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 21:47 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-10 11:35 - 2014-02-10 11:35 - 00107256 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKELL.sys
2014-02-05 09:58 - 2014-02-14 21:41 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-14 21:41 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-14 21:41 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-14 21:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-14 21:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-14 21:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 21:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-14 21:42 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-14 21:42 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:48 - 2014-02-14 21:41 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-14 21:41 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:47 - 2014-02-14 21:42 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 21:42 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 21:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 21:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-03 20:43 - 2012-09-13 19:58 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-02-02 21:46 - 2014-02-02 21:23 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 21:25 - 2014-02-02 21:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 21:23 - 2014-02-02 21:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 21:23 - 2008-09-11 14:36 - 00000000 ____D () C:\Program Files\Adobe
2014-02-02 21:22 - 2014-02-02 21:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 21:20 - 2014-02-02 21:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 21:17 - 2014-02-02 21:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 19:07 - 2014-02-02 19:09 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-02 19:07 - 2014-02-02 19:08 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-02 19:07 - 2014-02-02 19:08 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-02 19:07 - 2014-02-02 19:08 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-02 19:07 - 2012-05-26 19:22 - 00000000 ____D () C:\Program Files\Java
2014-02-02 19:05 - 2014-02-02 19:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe
2014-02-02 19:00 - 2011-12-04 16:40 - 00000000 ____D () C:\Users\Cathleen\Documents\Telekom

Files to move or delete:
====================
C:\Users\Cathleen\msiscan.exe
C:\Users\Cathleen\none.dat
C:\Users\Cathleen\pluginsx86.exe


Some content of TEMP:
====================
C:\Users\Cathleen\AppData\Local\Temp\AskSLib.dll
C:\Users\Cathleen\AppData\Local\Temp\avguidx.dll
C:\Users\Cathleen\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Cathleen\AppData\Local\Temp\InstallAX.exe
C:\Users\Cathleen\AppData\Local\Temp\installhelper.dll
C:\Users\Cathleen\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Cathleen\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Cathleen\AppData\Local\Temp\oi_{99C2D675-E249-4973-8ABA-5AEE6F17217E}.exe
C:\Users\Cathleen\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Cathleen\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Cathleen\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\Cathleen\AppData\Local\Temp\tbHots.dll
C:\Users\Cathleen\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\{F3122F18-A44F-4D2A-8401-7A1D75CC0534}-GoogleUpdateSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-22 11:12

==================== End Of Log ============================

--- --- ---

--- --- ---

sowie

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-02-2014
Ran by Cathleen at 2014-02-22 13:36:52
Running from C:\Users\Cathleen\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {98CD50CE-5097-4098-9669-6C401FB3969C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {23ACB12A-76AD-4F16-ACD9-57326434DC21}
FW: Bitdefender Firewall (Enabled) {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}

==================== Installed Programs ======================

Adobe Digital Editions 3.0 (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (Version: 8.1.0 - Adobe Systems Incorporated)
Agere Systems HDA Modem (Version:  - Agere Systems)
Anki (Version:  - )
Atheros WLAN Client (Version: 1.00.000 - )
AVG Security Toolbar (Version: 17.3.0.49 - AVG Technologies)
Bitdefender Internet Security 2012 (Version: 15.0.38 - Bitdefender)
Bitdefender Internet Security 2012 (Version: 15.0.38 - Bitdefender) Hidden
Bootstrapper (Version: 1.1.0.0 - Minitab, Inc.) Hidden
Canon G.726 WMP-Decoder (Version: 1.1.0.4 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4 - Canon Inc.)
Canon MP Navigator EX 2.0 (Version:  - )
Canon MP540 series MP Drivers (Version:  - )
Canon MP540 series User Registration (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (Version:  - )
Canon Utilities ImageBrowser EX (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities My Printer (Version:  - )
Canon Utilities MyCamera DC (Version: 7.0.1.8 - Canon Inc.)
Canon Utilities PhotoStitch (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities Solution Menu (Version:  - )
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20 - Canon Inc.)
Content Transfer (Version: 1.2.0.07300 - Sony Corporation)
CyberLink CyberLink Hi-Def Suite (Version: 1.5.1623 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.0.2406 - CyberLink Corp.)
CyberLink Power2Go (Version: 5.5.1.3825a - CyberLink Corp.)
Easy Battery Manager (Version: 3.2.1.7 - )
Easy Display Manager (Version: 2.0.0.0 - Samsung)
Easy Network Manager 4.0 (Version: 4.0.0.13 - Samsung)
Easy Network Manager 4.0 (Version: 4.0.0.13 - Samsung) Hidden
Easy SpeedUp Manager (Version: 2.0.1.0 - )
Expat Shield 2.25 (Version: 2.25 - AnchorFree)
Flickr Uploadr 3.2.1 (Version:  - )
Google Chrome (Version: 33.0.1750.117 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Haufe iDesk-Browser (Version: 10.10.14.0000 - Haufe-Lexware GmbH & Co. KG)
Haufe iDesk-Service (Version: 10.10.25.7810 - Haufe)
iLivid (Version: 1.92.0.115302 - Bandoo Media Inc.) <==== ATTENTION
iLivid (Version: 1.92.0.115302 - Bandoo Media Inc.) Hidden <==== ATTENTION
imagine digital freedom - Samsung (Version: 1.0.2.0 - Samsung Electronics Co., LTD)
Intel(R) PROSet/Wireless WiFi Software (Version: 12.00.2000 - Intel(R) Corporation)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 21 (Version: 6.0.210 - Oracle)
Lexware Info Service (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
LightScribe System Software  1.14.16.1 (Version: 1.14.16.1 - LightScribe)
M248 data files (Version:  - )
M248 Minitab 16 license (Version:  - )
M248 SUStats (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Minitab 16 (Version: 16.1.1 - Minitab, Inc.)
Minitab16 (Version: 16.1.1.0 - Minitab Inc) Hidden
Minitab16 (Version: 16.1.1.0 - Minitab, Inc.) Hidden
Minitab16 (Version: 16.1.1.1 - Minitab Inc) Hidden
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (Version:  - )
NWZ-S540 WALKMAN Guide (Version: 2.0.00.07010 - Sony Corporation)
Paragon Total Defrag™ 2010 Kompakt (Version: 90.00.0003 - Paragon Software)
PDFCreator (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
PlayCamera (Version: 1.0.1.7 - )
PowerDirector (Version: 5.0.3927 - CyberLink Corp.)
PowerDVD (Version: 7.3.4102c.0 - CyberLink Corp.)
PowerProducer (Version: 085120(3.7)_Vista_SSPC - CyberLink Corp.)
QuickSteuer 2011 compact (Version: 17.08.00.0005 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer Wissens-Center 2011 (Version: 17.10.0.0 - Haufe-Lexware GmbH & Co. KG)
Rapport (Version: 3.5.1304.48 - Trusteer) Hidden
Realtek High Definition Audio Driver (Version: 6.0.1.5605 - Realtek Semiconductor Corp.)
Samsung Magic Doctor (Version: 5.00 - Samsung Electronics Co., LTD)
Samsung Recovery Solution III (Version: 3.0.0.6 - Samsung)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden
Skype™ 4.0 (Version: 4.0.226 - Skype Technologies S.A.)
Softonic toolbar  on IE and Chrome (Version: 1.8.19.3 - Softonic) <==== ATTENTION
SUPERAntiSpyware (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (Version: 10.1.2.0 - Synaptics)
Trusteer Endpoint Protection (Version: 3.5.1304.48 - Trusteer)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
User Guide (Version: 1.0 - )
Vimicro UVC Camera (Version: 1.00.0000 - Vimicro Corporation)
WIDCOMM Bluetooth Software 6.0.1.6300 (Version: 6.0.1.6300 -  )

==================== Restore Points  =========================

22-02-2014 12:03:50 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B3637F6-A065-426F-B459-2E951AAE108E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {24BF58DB-8B94-4E65-BE90-563B3A49BC99} - System32\Tasks\{C9116EBE-9803-4B3A-B7CC-545CEC868100} => C:\Program Files\Skype\Phone\Skype.exe [2009-04-21] (Skype Technologies S.A.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3757478B-6149-4611-A472-AD74952CD822} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-04-17] (SAMSUNG Electronics co., LTD.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {5CDB726F-6654-42E1-A825-EF7CEFFAF383} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {5DB8D8DA-0226-47FA-AF88-F449F07EFA59} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{9EA983D3-0C36-4E89-A1BF-4E4592B9584D}.exe
Task: {72198B2F-A60B-4FCA-9641-7736D840C778} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02] (Google Inc.)
Task: {9AD66769-5B69-4E6B-829B-A0150B90A98A} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-04] (Samsung Electronics Co., Ltd.)
Task: {BDE9CCB1-CBF9-4052-B8EE-B26AC9B13EFC} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-04-25] (Samsung Electronics Co., Ltd.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EE09D38C-46A7-4A8B-ADDF-123D24212123} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-05-22] (SAMSUNG Electronics)
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{9EA983D3-0C36-4E89-A1BF-4E4592B9584D}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-06 15:27 - 2012-01-06 15:27 - 00035720 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\strdecoder.dll
2012-01-06 15:27 - 2012-01-06 15:27 - 00202032 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\txmlutil.dll
2012-01-23 19:13 - 2012-01-23 19:13 - 00154152 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\framework.dll
2012-01-23 19:27 - 2012-01-23 19:27 - 00035208 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\procinfo.dll
2012-01-23 19:14 - 2012-01-23 19:14 - 00061440 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\ExcludeMgr.dll
2012-01-23 19:14 - 2012-01-23 19:14 - 00110880 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\connector.dll
2012-03-28 14:21 - 2012-03-28 14:21 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\UI\accessl.ui
2012-03-12 14:14 - 2013-05-25 16:55 - 00275344 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\avc3al.dll
2011-11-14 19:17 - 2011-11-14 19:17 - 00132176 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdfwcore.dll
2012-01-23 19:15 - 2012-01-23 19:15 - 00059392 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdmltusrsrv.dll
2012-03-28 14:21 - 2012-03-28 14:21 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\UI\IMSecurityAL.ui
2012-02-09 12:49 - 2012-12-08 13:12 - 00092600 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdmetrics.dll
2012-03-22 11:30 - 2012-03-22 11:30 - 00634880 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpbr.mdl
2012-03-22 11:30 - 2012-03-22 11:30 - 00513536 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpdsp.mdl
2012-03-22 11:30 - 2012-03-22 11:30 - 02063872 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpf.mdl
2012-03-22 11:30 - 2012-03-22 11:30 - 01917952 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpph.mdl
2012-03-22 11:30 - 2012-03-22 11:30 - 00956928 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttprbl.mdl
2012-03-22 11:30 - 2012-03-22 11:30 - 00391168 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimbr.mdl
2012-03-22 11:30 - 2012-03-22 11:30 - 00446464 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimdsp.mdl
2012-03-22 11:30 - 2012-03-22 11:30 - 01867776 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimf.mdl
2008-05-23 05:46 - 2008-05-23 05:46 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2012-01-17 22:15 - 2012-01-17 22:15 - 00331608 _____ () C:\Program Files\Expat Shield\bin\openvpnas.exe
2009-03-30 03:34 - 2009-03-30 03:34 - 00280143 _____ () C:\Program Files\Expat Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files\Expat Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files\Expat Shield\bin\libssl32.dll
2012-01-05 00:02 - 2012-01-05 00:02 - 00329544 _____ () C:\Program Files\Expat Shield\bin\hsswd.exe
2009-04-17 20:24 - 2006-12-19 15:23 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2014-01-08 20:57 - 2014-01-08 20:56 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2014-01-08 20:57 - 2014-01-08 20:56 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2008-09-11 14:40 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-09-11 14:39 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2008-09-11 14:40 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2012-09-13 19:58 - 2014-02-03 20:43 - 02552856 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2007-07-12 13:55 - 2007-07-12 13:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 13:59 - 2007-08-14 13:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 13:55 - 2007-07-12 13:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-10-20 20:06 - 2013-10-03 10:42 - 00069120 _____ () C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
2013-10-20 20:06 - 2013-10-03 10:42 - 00112128 _____ () C:\Program Files\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-01-17 22:20 - 2012-01-17 22:20 - 00653640 _____ () C:\Program Files\Expat Shield\bin\openvpntray.exe
2012-01-17 22:21 - 2012-01-17 22:21 - 00009544 _____ () C:\Program Files\Expat Shield\bin\lang\gui-eng.dll
2008-05-13 01:13 - 2008-05-13 01:13 - 00085672 _____ () C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
2007-01-12 19:01 - 2007-01-12 19:01 - 00397312 ____R () C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
2007-01-12 19:01 - 2007-01-12 19:01 - 00475136 ____R () C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Cathleen\Downloads\anki-2.0.0.exe:BDU
AlternateDataStreams: C:\Users\Cathleen\Downloads\MinitabLicense.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Spyware Doctor => C:\Users\Cathleen\Desktop\sdsetup_aff.exe -min
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2014 11:06:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/21/2014 08:56:05 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6177cbdf-0279-47e4-9d3a-64e77a1f2a02}

Error: (02/20/2014 09:43:44 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0x0eedfade, fault offset 0x0003fc16,
process id 0xfb0, application start time 0xrundll32.exe0.

Error: (02/19/2014 05:55:52 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16533 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 840
Start Time: 01cf2d74e2acd6e0
Termination Time: 0

Error: (02/19/2014 01:56:38 PM) (Source: Application Hang) (User: )
Description: The program rundll32.exe version 6.0.6000.16386 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: edc
Start Time: 01cf2d718b968071
Termination Time: 0

Error: (02/19/2014 01:48:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 09:51:12 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16533, time stamp 0x52f1fb14, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000005, fault offset 0x0003dd6d,
process id 0x141c, application start time 0xiexplore.exe0.

Error: (02/18/2014 09:51:09 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0x0eedfade, fault offset 0x0003fc16,
process id 0xc5c, application start time 0xrundll32.exe0.

Error: (02/18/2014 09:29:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2014 09:14:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/21/2011 07:01:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2092 seconds with 1140 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-02-22 13:36:36.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:36.365
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:36.115
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:35.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:35.631
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:35.397
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:35.163
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:34.914
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:04.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-22 13:36:03.917
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3065.88 MB
Available physical RAM: 1657.71 MB
Total Pagefile: 6334.88 MB
Available Pagefile: 4375.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1906.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.88 GB) (Free:4.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:111 GB) (Free:34.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 828F7BBA)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Danke.

aharonov · 22.02.2014, 15:16

Ok.

Schritt 1

Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
Suche und deinstalliere dort der Reihe nach folgende Einträge:
AVG Security Toolbar
iLivid
Java(TM) 6 Update 21
Softonic toolbar on IE and Chrome
Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

MickeyBlue · 23.02.2014, 13:50

Hallo,

habe die Sachen deinstalliert und die Scanner laufen lassen.
Hier das ESET log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c1f0b3e58d3e1c41b489bc0ad11ef54a
# engine=17186
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-23 09:53:38
# local_time=2014-02-23 10:53:38 (+0100, W. Europe Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=2055 16777213 100 98 4967 152230316 0 0
# compatibility_mode=5892 16776574 100 95 56832512 230681946 0 0
# scanned=19720
# found=0
# cleaned=0
# scan_time=1049
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c1f0b3e58d3e1c41b489bc0ad11ef54a
# engine=17186
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-23 12:31:06
# local_time=2014-02-23 01:31:06 (+0100, W. Europe Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=2055 16777213 100 98 9459 152239764 0 0
# compatibility_mode=5892 16776574 100 95 56841960 230691394 0 0
# scanned=213111
# found=7
# cleaned=0
# scan_time=9359
sh=9DA9F9462AC8AAE182DEBB4149BBF52E50384331 ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen virus" ac=I fn="C:\Users\Cathleen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NOG8Y8CE\iframe3[1].htm"
sh=5B34B45B382805CDFF05581D16133C5E4052058E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2011-3544.DD trojan" ac=I fn="C:\Users\Cathleen\AppData\Local\Temp\jar_cache3064241716410829502.tmp"
sh=F82A4B903D0EB117CEB9BE2E2D6D2880E9139B9B ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Cathleen\AppData\Local\Temp\jar_cache4037628430423906549.tmp"
sh=DFC57922038BFC73B7EE41C4AA4246392D0D5EB4 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2012-0507.AH trojan" ac=I fn="C:\Users\Cathleen\AppData\Local\Temp\jar_cache4508603715054263769.tmp"
sh=8D4B302C02A0EF8A6FA8F1FBF00D6E10F12A606E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.ONV trojan" ac=I fn="C:\Users\Cathleen\AppData\Local\Temp\jar_cache7582551722397091644.tmp"
sh=E898873F216D23746AD9F35CD511FEEB56EC0E7B ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NIW trojan" ac=I fn="C:\Users\Cathleen\AppData\Local\Temp\Low\l.vbs"
sh=39DF4FA3EEF4086E81F17A9ECE613BD2A81C8719 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Cathleen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\4d2d170e-75a2e3ef"

Sowie FRST log

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by Cathleen (administrator) on FRED on 23-02-2014 13:42:31
Running from C:\Users\Cathleen\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Expat Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files\Expat Shield\HssWPR\hsssrv.exe
() C:\Program Files\Expat Shield\bin\hsswd.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony Corporation) C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
() C:\Program Files\Expat Shield\bin\openvpntray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13548064 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [91432 2008-07-08] (cyberlink)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2008-05-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-05-14] ()
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [497000 2009-07-30] (Sony Corporation)
HKLM\...\Run: [BDAgent] - C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1199344 2012-12-08] (Bitdefender)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3170865763-2558761018-2506321480-1003\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-05-23] (Hewlett-Packard Company)
HKU\S-1-5-21-3170865763-2558761018-2506321480-1003\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3170865763-2558761018-2506321480-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {9D32C98F-7BE7-4F7B-9278-0D052EAEB4F0} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e6961ce300000000000000ff2924f3ed&r=954
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {9D32C98F-7BE7-4F7B-9278-0D052EAEB4F0} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e6961ce300000000000000ff2924f3ed&r=954
SearchScopes: HKCU - {B2B05320-7510-4882-9617-5533ED3A23D1} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552&CUI=UN39538628683087518&UM=1
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://express.foto.com/ImageUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR Extension: (Google Wallet) - C:\Users\Cathleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 ExpatShieldService; C:\Program Files\Expat Shield\bin\openvpnas.exe [331608 2012-01-17] ()
R2 ExpatSrv; C:\Program Files\Expat Shield\HssWPR\hsssrv.exe [363336 2012-01-05] (AnchorFree Inc.)
S3 ExpatTrayService; C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-17] ()
R2 ExpatWd; C:\Program Files\Expat Shield\bin\hsswd.exe [329544 2012-01-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] ()
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [307544 2011-10-14] (BitDefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [55032 2012-08-20] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1554176 2012-12-08] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [622616 2012-12-08] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [481464 2012-12-08] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77192 2012-08-20] (BitDefender LLC)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [360976 2011-08-16] (BitDefender)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [63056 2011-11-17] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys [132600 2012-08-20] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [85128 2010-01-19] (BitDefender)
R3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-01-05] (AnchorFree Inc.)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-09-11] (SAMSUNG ELECTRONICS CO., LTD.)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2013-12-12] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-07-26] (AnchorFree Inc)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [340624 2011-10-27] (BitDefender S.R.L.)
R3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [242048 2008-06-05] (Vimicro Corporation)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [61424 2008-07-08] (Cyberlink Corp.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [242504 2012-12-08] (BitDefender)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-23 13:42 - 2014-02-23 13:42 - 00012015 _____ () C:\Users\Cathleen\Desktop\FRST.txt
2014-02-22 13:32 - 2014-02-21 16:21 - 01142784 _____ (Farbar) C:\Users\Cathleen\Desktop\FRST.exe
2014-02-22 05:46 - 2014-02-23 13:42 - 00000000 ____D () C:\FRST
2014-02-20 22:39 - 2014-02-20 22:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-14 21:42 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 21:42 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 21:42 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 21:42 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 21:42 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 21:42 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 21:42 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 21:41 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 21:41 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 21:41 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 21:41 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 21:41 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 21:41 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 21:41 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 21:41 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 21:41 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 15:01 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-10 11:35 - 2014-02-10 11:35 - 00107256 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKELL.sys
2014-02-02 21:25 - 2014-02-02 21:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 21:23 - 2014-02-02 21:46 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 21:23 - 2014-02-02 21:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 21:22 - 2014-02-02 21:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 21:20 - 2014-02-02 21:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 21:17 - 2014-02-02 21:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 19:09 - 2014-02-02 19:07 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-02 19:08 - 2014-02-02 19:07 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-02 19:08 - 2014-02-02 19:07 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-02 19:08 - 2014-02-02 19:07 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-02 19:05 - 2014-02-02 19:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe

==================== One Month Modified Files and Folders =======

2014-02-23 13:45 - 2014-02-23 13:42 - 00012015 _____ () C:\Users\Cathleen\Desktop\FRST.txt
2014-02-23 13:42 - 2014-02-22 05:46 - 00000000 ____D () C:\FRST
2014-02-23 13:38 - 2012-01-17 22:25 - 00000000 ____D () C:\Users\Cathleen\Documents\PC
2014-02-23 13:14 - 2010-05-31 20:23 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-23 12:27 - 2006-11-02 13:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-23 12:27 - 2006-11-02 13:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-23 10:58 - 2006-11-02 11:33 - 00703388 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 10:29 - 2008-09-15 06:15 - 00141316 _____ () C:\ProgramData\nvModes.001
2014-02-23 10:28 - 2010-02-02 22:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-23 10:28 - 2009-04-17 20:22 - 00000000 ____D () C:\Users\Cathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Hi-Def Suite
2014-02-23 10:27 - 2013-06-03 21:57 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-02-23 10:27 - 2011-09-28 20:56 - 00000000 __HDC () C:\ProgramData\~0
2014-02-23 10:27 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-23 10:26 - 2009-03-07 10:48 - 01152251 _____ () C:\Windows\WindowsUpdate.log
2014-02-23 10:26 - 2008-09-12 06:21 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-23 10:26 - 2006-11-02 14:01 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-23 10:21 - 2012-05-26 19:20 - 00000000 ____D () C:\Program Files\Common Files\Lexware
2014-02-23 10:09 - 2012-05-26 19:22 - 00000000 ____D () C:\Program Files\Java
2014-02-22 11:49 - 2011-06-03 20:27 - 00000000 ____D () C:\Users\Cathleen\Documents\Guides
2014-02-22 10:41 - 2012-08-07 19:54 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 21:40 - 2009-04-16 21:48 - 00002627 _____ () C:\Users\Cathleen\Desktop\Microsoft Office Word 2007.lnk
2014-02-21 16:21 - 2014-02-22 13:32 - 01142784 _____ (Farbar) C:\Users\Cathleen\Desktop\FRST.exe
2014-02-20 23:03 - 2008-01-21 03:47 - 00422568 _____ () C:\Windows\PFRO.log
2014-02-20 22:40 - 2012-08-07 19:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-20 22:39 - 2014-02-20 22:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-20 21:39 - 2010-03-09 20:25 - 00000376 _____ () C:\Users\Cathleen\AppData\Roamingprivacy.xml
2014-02-17 22:13 - 2009-11-21 21:08 - 00000000 ____D () C:\Users\Cathleen\Documents\Travel
2014-02-15 11:43 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 21:49 - 2013-08-15 21:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 21:47 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-10 11:35 - 2014-02-10 11:35 - 00107256 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKELL.sys
2014-02-05 09:58 - 2014-02-14 21:41 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-14 21:41 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-14 21:41 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-14 21:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-14 21:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-14 21:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 21:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-14 21:42 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-14 21:42 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:48 - 2014-02-14 21:41 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-14 21:41 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:47 - 2014-02-14 21:42 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 21:42 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 21:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 21:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-02 21:46 - 2014-02-02 21:23 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 21:25 - 2014-02-02 21:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 21:24 - 2014-02-02 21:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 21:23 - 2014-02-02 21:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 21:23 - 2008-09-11 14:36 - 00000000 ____D () C:\Program Files\Adobe
2014-02-02 21:22 - 2014-02-02 21:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 21:20 - 2014-02-02 21:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 21:17 - 2014-02-02 21:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 19:09 - 2014-02-02 19:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 19:07 - 2014-02-02 19:09 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-02 19:07 - 2014-02-02 19:08 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-02 19:07 - 2014-02-02 19:08 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-02 19:07 - 2014-02-02 19:08 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-02 19:05 - 2014-02-02 19:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe
2014-02-02 19:00 - 2011-12-04 16:40 - 00000000 ____D () C:\Users\Cathleen\Documents\Telekom

Files to move or delete:
====================
C:\Users\Cathleen\msiscan.exe
C:\Users\Cathleen\none.dat
C:\Users\Cathleen\pluginsx86.exe


Some content of TEMP:
====================
C:\Users\Cathleen\AppData\Local\Temp\AskSLib.dll
C:\Users\Cathleen\AppData\Local\Temp\avguidx.dll
C:\Users\Cathleen\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Cathleen\AppData\Local\Temp\InstallAX.exe
C:\Users\Cathleen\AppData\Local\Temp\installhelper.dll
C:\Users\Cathleen\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Cathleen\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Cathleen\AppData\Local\Temp\oi_{99C2D675-E249-4973-8ABA-5AEE6F17217E}.exe
C:\Users\Cathleen\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Cathleen\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Cathleen\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\Cathleen\AppData\Local\Temp\tbHots.dll
C:\Users\Cathleen\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Cathleen\AppData\Local\Temp\{F3122F18-A44F-4D2A-8401-7A1D75CC0534}-GoogleUpdateSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-23 10:33

==================== End Of Log ============================

--- --- ---

--- --- ---

Gruss

aharonov · 23.02.2014, 14:13

Läuft der Rechner normal oder bestehen noch Probleme?

MickeyBlue · 23.02.2014, 20:41

Hallo,

ja, ich denke schon.
Das einzige, was mich stoert, ist noch eine Meldung vom Internet Explorer Security "A website wants to open web content using this program on your computer... Skype... ",
welche mit Allow/Dont Allow bestaetigt werden muss. Wann genau dieses Pop up Fenster sich immer oeffnet (welche Seiten, Clicks..) kann ich nicht sagen, aber es passiert relativ haeufig.

Dann noch eine Frage. Im Log des Eset Scanners wurden einige Trojaner/Viren aufgefuehrt. Was hat es damit auf sich?

Vielen Dank fuer die Hilfe - Ihr seid echt super!

23.02.2014, 14:13	#8
aharonov /// TB-Ausbilder	Interpol Virus & RunDLL Fehlermeldung Läuft der Rechner normal oder bestehen noch Probleme? __________________ cheers, Leo

Interpol Virus & RunDLL Fehlermeldung

Log-Analyse und Auswertung: Interpol Virus & RunDLL Fehlermeldung