Log analysis and evaluation: Interpol virus & RunDLL error message

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to get help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Interpol virus & RunDLL error message

Hello,

my computer is infected with the Interpol virus, i.e. immediately after logging in, the Interpol warning screen is displayed with a payment demand and a camera image. It was not possible to start Safe Mode. After several start attempts I managed to update MalwareBytes and run it. After the quick scan, 5 bad files were found and removed. Here is the log file:

*****************************
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.20.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Cathleen :: FRED [administrator]

20/02/2014 22:00:25
mbam-log-2014-02-20 (22-00-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277814
Time elapsed: 25 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\ProgramData\fbrfnb0e.cpp (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Users\Cathleen\AppData\Local\Temp\Low\0800.dll (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Users\Cathleen\Downloads\SoftonicDownloader_for_expat-shield (1).exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Users\Cathleen\Downloads\SoftonicDownloader_for_expat-shield.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Users\Cathleen\AppData\Local\Temp\SetupDataMngr_Searchqu.exe (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.

(end)
*****************************************************

After that the PC could be started; the Interpol screen no longer appeared, but a RunDLL error message did. I also ran a full system scan with Malwarebytes. Here is the log file:

**************************************************
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.20.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Cathleen :: FRED [administrator]

20/02/2014 23:07:50
mbam-log-2014-02-20 (23-07-50).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 471480
Time elapsed: 3 hour(s), 1 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> No action taken.

(end)
****************************************************

Today I ran FRST.exe. Here is the log file:

**********************************
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by SYSTEM on MINWINPC on 21-02-2014 20:46:24
Running from F:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-25] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13548064 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2008-07-26] (NVIDIA Corporation)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [91432 2008-07-08] (cyberlink)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2008-05-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-05-14] ()
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [497000 2009-07-30] (Sony Corporation)
HKLM\...\Run: [BDAgent] - C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1199344 2012-12-08] (Bitdefender)
HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2552856 2014-02-03] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Cathleen\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-05-23] (Hewlett-Packard Company)
HKU\Cathleen\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-06] (SUPERAntiSpyware)
HKU\Cathleen\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\TEMP.Fred.001\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Cathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e0bnfrbf.lnk
ShortcutTarget: e0bnfrbf.lnk -> C:\PROGRA~2\fbrfnb0e.cpp (No File)

========================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
S2 ExpatShieldService; C:\Program Files\Expat Shield\bin\openvpnas.exe [331608 2012-01-17] ()
S2 ExpatSrv; C:\Program Files\Expat Shield\HssWPR\hsssrv.exe [363336 2012-01-04] (AnchorFree Inc.)
S3 ExpatTrayService; C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-17] ()
S2 ExpatWd; C:\Program Files\Expat Shield\bin\hsswd.exe [329544 2012-01-04] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-12] ()
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [307544 2011-10-14] (BitDefender)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [55032 2012-08-20] (Bitdefender)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1554176 2012-12-08] (Bitdefender)
S2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-08] (AVG Secure Search)
S2 Winmgmt; C:\PROGRA~2\fbrfnb0e.cpp [X]

==================== Drivers (Whitelisted) ====================

S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [622616 2012-12-08] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [481464 2012-12-08] (BitDefender)
S1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-11] (AVG Technologies)
S1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77192 2012-08-20] (BitDefender LLC)
S0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [360976 2011-08-16] (BitDefender)
S1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [63056 2011-11-17] (BitDefender SRL)
S1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys [132600 2012-08-20] (BitDefender LLC)
S1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [85128 2010-01-19] (BitDefender)
S3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-01-04] (AnchorFree Inc.)
S2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-09-11] (SAMSUNG ELECTRONICS CO., LTD.)
S1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2013-12-12] ()
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-07-26] (AnchorFree Inc)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [340624 2011-10-27] (BitDefender S.R.L.)
S3 VMC302; C:\Windows\System32\Drivers\VMC302.sys [242048 2008-06-04] (Vimicro Corporation)
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [61424 2008-07-08] (Cyberlink Corp.)
S5 avchv; C:\Windows\System32\Drivers\avchv.sys [242504 2012-12-08] (BitDefender)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-21 20:46 - 2014-02-21 20:46 - 00000000 ____D () C:\FRST
2014-02-20 13:39 - 2014-02-20 13:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-18 12:50 - 2014-02-18 12:51 - 95027928 ____T () C:\ProgramData\e0bnfrbf.fee
2014-02-14 12:42 - 2014-02-05 00:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-14 12:42 - 2014-02-05 00:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-14 12:42 - 2014-02-05 00:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-14 12:42 - 2014-02-05 00:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-14 12:42 - 2014-02-05 00:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-14 12:42 - 2014-02-05 00:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-14 12:42 - 2014-02-05 00:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-14 12:41 - 2014-02-05 00:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-14 12:41 - 2014-02-05 00:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-02-14 12:41 - 2014-02-05 00:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-14 12:41 - 2014-02-05 00:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-14 12:41 - 2014-02-05 00:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-14 12:41 - 2014-02-05 00:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-14 12:41 - 2014-02-05 00:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-14 12:41 - 2014-02-05 00:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-14 12:41 - 2014-02-05 00:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-02-14 06:01 - 2013-12-04 18:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-02-02 12:25 - 2014-02-02 12:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 12:23 - 2014-02-02 12:46 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 12:23 - 2014-02-02 12:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 12:22 - 2014-02-02 12:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 12:20 - 2014-02-02 12:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 12:17 - 2014-02-02 12:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 10:09 - 2014-02-02 10:07 - 00264616 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2014-02-02 10:08 - 2014-02-02 10:07 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2014-02-02 10:08 - 2014-02-02 10:07 - 00174504 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2014-02-02 10:08 - 2014-02-02 10:07 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2014-02-02 10:05 - 2014-02-02 10:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe
2014-01-22 11:37 - 2014-01-22 11:37 - 00107256 _____ (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys

==================== One Month Modified Files and Folders =======

2014-02-21 20:46 - 2014-02-21 20:46 - 00000000 ____D () C:\FRST
2014-02-20 17:32 - 2009-03-07 01:48 - 01048939 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 17:32 - 2008-09-11 21:21 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-20 17:32 - 2006-11-02 04:47 - 00004784 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 17:32 - 2006-11-02 04:47 - 00004784 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 14:06 - 2008-09-14 21:15 - 00141316 _____ () C:\ProgramData\nvModes.001
2014-02-20 14:03 - 2008-01-20 18:47 - 00422568 _____ () C:\Windows\PFRO.log
2014-02-20 13:40 - 2012-08-07 10:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-20 13:39 - 2014-02-20 13:39 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-02-20 12:39 - 2010-03-09 11:25 - 00000376 _____ () C:\Users\Cathleen\AppData\Roamingprivacy.xml
2014-02-18 12:51 - 2014-02-18 12:50 - 95027928 ____T () C:\ProgramData\e0bnfrbf.fee
2014-02-17 13:13 - 2009-11-21 12:08 - 00000000 ____D () C:\Users\Cathleen\Documents\Travel
2014-02-16 11:34 - 2009-04-16 12:48 - 00002627 _____ () C:\Users\Cathleen\Desktop\Microsoft Office Word 2007.lnk
2014-02-15 02:43 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 12:51 - 2006-11-02 02:33 - 00709998 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-14 12:49 - 2013-08-15 12:45 - 00000000 ____D () C:\Windows\System32\MRT
2014-02-14 12:47 - 2006-11-02 02:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\System32\mrt.exe
2014-02-09 03:03 - 2012-08-07 10:54 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-05 00:58 - 2014-02-14 12:41 - 12345344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-05 00:56 - 2014-02-14 12:41 - 01806848 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-02-05 00:53 - 2014-02-14 12:41 - 09739264 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-05 00:51 - 2014-02-14 12:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-05 00:50 - 2014-02-14 12:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-05 00:49 - 2014-02-14 12:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-05 00:49 - 2014-02-14 12:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-02-05 00:48 - 2014-02-14 12:42 - 00421376 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-02-05 00:48 - 2014-02-14 12:42 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-05 00:48 - 2014-02-14 12:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-05 00:48 - 2014-02-14 12:41 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-05 00:48 - 2014-02-14 12:41 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-02-05 00:47 - 2014-02-14 12:42 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-05 00:47 - 2014-02-14 12:42 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-05 00:47 - 2014-02-14 12:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-02-05 00:46 - 2014-02-14 12:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-03 11:43 - 2012-09-13 10:58 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-02-02 12:46 - 2014-02-02 12:23 - 00000000 ____D () C:\Users\Cathleen\Documents\My Digital Editions
2014-02-02 12:25 - 2014-02-02 12:25 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (5).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (4).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (3).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (2).epub
2014-02-02 12:24 - 2014-02-02 12:24 - 00000000 ____D () C:\Users\Cathleen\AppData\Local\Adobe_Systems_Incorporate
2014-02-02 12:23 - 2014-02-02 12:23 - 00001971 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-02-02 12:23 - 2008-09-11 05:36 - 00000000 ____D () C:\Program Files\Adobe
2014-02-02 12:22 - 2014-02-02 12:22 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Cathleen\Downloads\ADE_3.0_Installer.exe
2014-02-02 12:20 - 2014-02-02 12:20 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge (1).epub
2014-02-02 12:17 - 2014-02-02 12:17 - 00281502 _____ () C:\Users\Cathleen\Downloads\ratgeber_altersvorsorge.epub
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 10:09 - 2014-02-02 10:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-02 10:07 - 2014-02-02 10:09 - 00264616 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2014-02-02 10:07 - 2014-02-02 10:08 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2014-02-02 10:07 - 2014-02-02 10:08 - 00174504 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2014-02-02 10:07 - 2014-02-02 10:08 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2014-02-02 10:07 - 2012-05-26 10:22 - 00000000 ____D () C:\Program Files\Java
2014-02-02 10:05 - 2014-02-02 10:05 - 00921000 _____ (Oracle Corporation) C:\Users\Cathleen\Downloads\chromeinstall-7u51.exe
2014-02-02 10:00 - 2011-12-04 07:40 - 00000000 ____D () C:\Users\Cathleen\Documents\Telekom
2014-01-27 12:01 - 2011-06-03 11:27 - 00000000 ____D () C:\Users\Cathleen\Documents\Guides
2014-01-22 11:37 - 2014-01-22 11:37 - 00107256 _____ (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys

Files to move or delete:
====================
C:\ProgramData\e0bnfrbf.fee
C:\Users\Cathleen\msiscan.exe
C:\Users\Cathleen\none.dat
C:\Users\Cathleen\pluginsx86.exe

Some content of TEMP:
====================
C:\Users\Cathleen\AppData\Local\Temp\AskSLib.dll
C:\Users\Cathleen\AppData\Local\Temp\avguidx.dll
C:\Users\Cathleen\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Cathleen\AppData\Local\Temp\InstallAX.exe
C:\Users\Cathleen\AppData\Local\Temp\installhelper.dll
C:\Users\Cathleen\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Cathleen\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Cathleen\AppData\Local\Temp\oi_{99C2D675-E249-4973-8ABA-5AEE6F17217E}.exe
C:\Users\Cathleen\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Cathleen\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Cathleen\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\Cathleen\AppData\Local\Temp\tbHots.dll
C:\Users\Cathleen\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Cathleen\AppData\Local\Temp\{F3122F18-A44F-4D2A-8401-7A1D75CC0534}-GoogleUpdateSetup.exe

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2014-02-19 08:24:06

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 3065.88 MB
Available physical RAM: 2569.93 MB
Total Pagefile: 2795.23 MB
Available Pagefile: 2647.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.88 GB) (Free:4.48 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:111 GB) (Free:34.91 GB) NTFS
Drive f: (INTENSO) (Removable) (Total:7.46 GB) (Free:5.76 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive z: (RECOVERY) (Fixed) (Total:10 GB) (Free:1.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 828F7BBA)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

LastRegBack: 2014-02-20 14:11

==================== End Of Log ============================
*************************************************

When I start the computer now, this error message still appears:

RunDLL
Error loading C:\PROGRA~2\fbrfnb0e.cpp
The specified module could not be found.

Please help with the next steps I should take to solve the problem.

Thank you very much.
Topics on Interpol virus & RunDLL error message

.dll, association, bho, explorer, error message, html/iframe.b.gen, java/exploit.agent.onv, java/exploit.cve-2011-3544.dd, java/exploit.cve-2012-0507.ah, log file, pup.optional.conduit, pup.optional.searchqu.a, pup.optional.softonic, rundll, secure search, superantispyware, svchost.exe, temp, trojan.agent.ed, vbs/trojandownloader.agent.niw, vtoolbarupdater, winlogon.exe