Malware of all kinds and how to combat it: Police Warning! Interpool

31.01.2014, 13:44   #1
Ninni7381
 
Hello!

I have seen that some others have the same problem.
I have already read a bit here, but unfortunately that doesn't get me any further.
So, the following: in a Firefox window I have a warning saying that I should pay, otherwise my PC will be locked in 46 hours.

Do I now have this virus on my computer?
What can I do?

Who can help me before my PC stops starting up, as happened to the others?
Or is it enough if I restore my PC to my backup of drive C?

Thanks in advance, Ninni

31.01.2014, 13:47   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, did they ever find anything?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first just post the logs you already have, in CODE tags!
Only logs from the last 7 days, or since the problem started, are relevant!

Also, please create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is fine ... click Reply.
31.01.2014, 13:59   #3
Ninni7381
 
I have Comodo Internet Security Premium version 5.12.256249.2599
Where can I find the files in it? Unfortunately I'm not a PC specialist, sorry.
Please have a little patience with me!

I have Windows 7 64-bit; I downloaded the scan program and scanned once, and the text file is what came out. I hope I did that correctly. What should I do now, when the clock on this strange website has run out? My DVD drive is already acting up; it rattles the whole time and won't open any more.

FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Karina (administrator) on INTEL on 31-01-2014 14:08:12
Running from E:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Smartbar) C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.exe
(Huawei Technologies Co., Ltd.) C:\Users\Karina\AppData\Roaming\Telekom Internet Manager\ouc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Ashampoo) C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\burningstudio10.exe
(Ashampoo) C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\CancelAutoplay.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2013-01-04] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [Olympus ib] - C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKCU\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] - C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.exe [20760 2013-11-21] (Smartbar)
MountPoints2: H - H:\LGAutoRun.exe
MountPoints2: {40dbc7cc-05da-11e1-a3e1-406186014be9} - V:\Autorun.exe
MountPoints2: {5e361626-2efb-11e2-bcfe-406186014be9} - L:\Startme.exe
MountPoints2: {9fb23038-f4af-11e0-8ed1-406186014be9} - V:\Formen\Formen.exe
MountPoints2: {9fb2303c-f4af-11e0-8ed1-406186014be9} - V:\FC7Setup.exe
MountPoints2: {9fb23041-f4af-11e0-8ed1-406186014be9} - V:\FC7Setup.exe
MountPoints2: {9fb23044-f4af-11e0-8ed1-406186014be9} - W:\Farben\Farben.exe
MountPoints2: {9fb23047-f4af-11e0-8ed1-406186014be9} - V:\Farben\Farben.exe
MountPoints2: {9fb23049-f4af-11e0-8ed1-406186014be9} - V:\setup.exe
MountPoints2: {9fb2304b-f4af-11e0-8ed1-406186014be9} - V:\Formen\Formen.exe
MountPoints2: {9fb2304d-f4af-11e0-8ed1-406186014be9} - V:\verbrennung/verbrennung.exe
MountPoints2: {9fb2304f-f4af-11e0-8ed1-406186014be9} - V:\Autorun.exe
MountPoints2: {9fb23053-f4af-11e0-8ed1-406186014be9} - V:\inhalt.exe
MountPoints2: {9fb2305e-f4af-11e0-8ed1-406186014be9} - V:\Notenlernen.exe
MountPoints2: {9fb23060-f4af-11e0-8ed1-406186014be9} - V:\Start.exe
MountPoints2: {a919680f-67ec-11e0-ae49-406186014be9} - L:\Puma_CD_Setup.exe
MountPoints2: {cb98ce98-fad2-11e0-a76f-406186014be9} - V:\Autorun.exe
MountPoints2: {cb98ce9c-fad2-11e0-a76f-406186014be9} - V:\Manz\DGram5.exe
MountPoints2: {cb98cea0-fad2-11e0-a76f-406186014be9} - W:\Start.exe
MountPoints2: {cb98cea7-fad2-11e0-a76f-406186014be9} - V:\Zahlen\Zahlen.exe
MountPoints2: {cb98cea9-fad2-11e0-a76f-406186014be9} - V:\Zahlen\Zahlen.exe
MountPoints2: {cb98cead-fad2-11e0-a76f-406186014be9} - W:\autorun.exe
MountPoints2: {cb98ceaf-fad2-11e0-a76f-406186014be9} - X:\Manz\DGram5.exe
MountPoints2: {cb98ceb4-fad2-11e0-a76f-406186014be9} - X:\setup.exe
MountPoints2: {de250959-6154-11e2-a9da-406186014be9} - V:\Autorun.exe
MountPoints2: {e04db3e6-7097-11e3-a002-406186014be9} - H:\LGAutoRun.exe
MountPoints2: {e162fd8d-568b-11e2-ad23-406186014be9} - L:\AutoRun.exe
MountPoints2: {e162fd98-568b-11e2-ad23-406186014be9} - L:\AutoRun.exe
MountPoints2: {e461c8cf-19eb-11e1-b64c-406186014be9} - V:\setup.exe
MountPoints2: {f6c91ae0-311e-11e1-866b-406186014be9} - V:\Autorun.exe
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: c:\windows\syswow64\guard32.dll => c:\windows\syswow64\guard32.dll [301264 2012-11-08] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1e9edcf7-0fd5-ef22-667f-50067503a86c&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/12/2013&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP4716C17C-5562-419C-A081-7358E5462DEE&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x20D222856AFBCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1e9edcf7-0fd5-ef22-667f-50067503a86c&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/12/2013&type=hp1000
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtDtCyE0B0Ezy0DyDyD0EtN0D0Tzu0CyCyDyDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=835691873&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtDtCyE0B0Ezy0DyDyD0EtN0D0Tzu0CyCyDyDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=835691873&ir=
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtDtCyE0B0Ezy0DyDyD0EtN0D0Tzu0CyCyDyDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=835691873&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtDtCyE0B0Ezy0DyDyD0EtN0D0Tzu0CyCyDyDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=835691873&ir=
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1e9edcf7-0fd5-ef22-667f-50067503a86c&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/12/2013&type=hp1000
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1e9edcf7-0fd5-ef22-667f-50067503a86c&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/12/2013&type=hp1000
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCtDtCyE0B0Ezy0DyDyD0EtN0D0Tzu0CyCyDyDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=835691873&ir=
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP4716C17C-5562-419C-A081-7358E5462DEE&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1e9edcf7-0fd5-ef22-667f-50067503a86c&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/12/2013&type=hp1000
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP4716C17C-5562-419C-A081-7358E5462DEE&q={searchTerms}&SSPV=
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Karina\AppData\Roaming\Mozilla\Firefox\Profiles\xvzfc67a.default-1387200352191
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: google.de
FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1e9edcf7-0fd5-ef22-667f-50067503a86c&searchtype=ds&fr=linkury-tb&installDate=25/12/2013&type=hp1000&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Karina\AppData\Roaming\Mozilla\Firefox\Profiles\xvzfc67a.default-1387200352191\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Karina\AppData\Roaming\Mozilla\Firefox\Profiles\xvzfc67a.default-1387200352191\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-18]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-17]
FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-02-04]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-29]
CHR Extension: (Google Drive) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-30]
CHR Extension: (YouTube) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-30]
CHR Extension: (Google-Suche) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-30]
CHR Extension: (OfferMosquito) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2013-07-04]
CHR Extension: (RealDownloader) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-29]
CHR Extension: (Google Wallet) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-29]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-11-30]
CHR Extension: (Neuer Tab) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2013-11-29]
CHR Extension: (Google Mail) - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-30]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Karina\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-16]
CHR HKCU\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\Karina\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx [2013-07-19]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Karina\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-16]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2013-10-16]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Karina\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-10-16]

==================== Services (Whitelisted) =================

R2 cmdagent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [324928 2010-02-02] (Nitro PDF Software)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3060040 2010-08-30] (O&O Software GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607048 2011-03-28] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1398088 2010-02-25] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S2 ASPI32; No ImagePath
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22736 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-02-21] ()
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2010-02-25] (TuneUp Software)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
U3 JavaQuickStarterService; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 14:07 - 2014-01-31 14:08 - 00000000 ____D C:\FRST
2014-01-31 14:06 - 2014-01-31 14:06 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2014-01-31 14:05 - 2014-01-31 14:05 - 00000568 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2014-01-27 03:42 - 2014-01-31 06:07 - 00000560 _____ C:\Windows\setupact.log
2014-01-27 03:42 - 2014-01-27 03:42 - 00000000 _____ C:\Windows\setuperr.log
2014-01-21 21:04 - 2014-01-21 21:07 - 00000000 ____D C:\Program Files (x86)\thriXXX
2014-01-15 03:56 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 03:56 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 03:56 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 03:56 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 03:56 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 03:56 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 03:56 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 03:56 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 03:56 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-02 20:45 - 2014-01-02 20:45 - 00000000 ____D C:\Users\Karina\AppData\Roaming\thriXXX
2014-01-02 06:54 - 2014-01-02 06:54 - 00000000 ____D C:\Users\Karina\Downloads\Download.am
2014-01-02 06:46 - 2014-01-02 06:46 - 00000000 ____D C:\Users\Karina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2014-01-01 20:16 - 2014-01-01 20:23 - 00000000 ____D C:\Users\Karina\AppData\Local\DownloadGuide

==================== One Month Modified Files and Folders =======

2014-01-31 14:08 - 2014-01-31 14:07 - 00000000 ____D C:\FRST
2014-01-31 14:07 - 2011-10-12 09:28 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2014-01-31 14:06 - 2014-01-31 14:06 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2014-01-31 14:05 - 2014-01-31 14:05 - 00000568 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2014-01-31 14:05 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 14:05 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 14:02 - 2011-05-21 08:50 - 01488069 _____ C:\Windows\WindowsUpdate.log
2014-01-31 13:57 - 2012-04-05 22:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 13:27 - 2011-09-23 13:19 - 00000000 ____D C:\Users\Karina\AppData\Roaming\vlc
2014-01-31 12:07 - 2011-03-28 09:14 - 00000000 ____D C:\Users\Karina\AppData\Local\Corel
2014-01-31 11:58 - 2011-03-28 09:21 - 00002776 ___SH C:\ProgramData\KGyGaAvL.sys
2014-01-31 11:58 - 2011-03-28 09:14 - 00000000 ____D C:\Users\Karina\Documents\My PSP Files
2014-01-31 10:43 - 2012-04-05 22:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-31 10:43 - 2012-04-05 22:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-31 10:43 - 2011-05-18 00:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-31 10:43 - 2011-03-28 09:39 - 00000000 ____D C:\Users\Karina\AppData\Local\Adobe
2014-01-31 06:48 - 2010-11-21 07:50 - 00696832 _____ C:\Windows\system32\perfh007.dat
2014-01-31 06:48 - 2010-11-21 07:50 - 00148128 _____ C:\Windows\system32\perfc007.dat
2014-01-31 06:48 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-31 06:09 - 2013-01-18 14:36 - 00003358 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2215941620-1616290121-267833351-1001
2014-01-31 06:09 - 2013-01-18 14:36 - 00003226 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2215941620-1616290121-267833351-1001
2014-01-31 06:09 - 2011-03-27 19:27 - 00000328 _____ C:\Windows\Tasks\GlaryInitialize.job
2014-01-31 06:07 - 2014-01-27 03:42 - 00000560 _____ C:\Windows\setupact.log
2014-01-31 06:07 - 2011-03-28 09:00 - 03037431 _____ C:\Windows\system32\oodbs.lor
2014-01-31 06:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 04:05 - 2013-12-11 03:50 - 00003336 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2215941620-1616290121-267833351-1001
2014-01-31 04:05 - 2013-01-18 11:02 - 00003204 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2215941620-1616290121-267833351-1001
2014-01-28 10:08 - 2013-09-26 06:00 - 00000000 ____D C:\Users\Karina\Desktop\Programme
2014-01-27 03:42 - 2014-01-27 03:42 - 00000000 _____ C:\Windows\setuperr.log
2014-01-26 10:22 - 2012-02-22 19:28 - 00000000 ____D C:\Windows\Minidump
2014-01-26 10:22 - 2011-12-10 18:01 - 00000000 ____D C:\Users\Karina\AppData\Local\CrashDumps
2014-01-26 10:22 - 2011-03-27 17:09 - 00000000 ____D C:\Windows\Panther
2014-01-21 21:10 - 2012-08-15 22:09 - 00000000 ____D C:\Program Files (x86)\Gameforge
2014-01-21 21:07 - 2014-01-21 21:04 - 00000000 ____D C:\Program Files (x86)\thriXXX
2014-01-19 20:27 - 2011-03-28 13:21 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-15 06:53 - 2009-07-14 05:45 - 00473152 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 04:22 - 2013-07-19 20:20 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 04:17 - 2011-03-27 16:28 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-12 08:56 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-02 20:45 - 2014-01-02 20:45 - 00000000 ____D C:\Users\Karina\AppData\Roaming\thriXXX
2014-01-02 06:54 - 2014-01-02 06:54 - 00000000 ____D C:\Users\Karina\Downloads\Download.am
2014-01-02 06:46 - 2014-01-02 06:46 - 00000000 ____D C:\Users\Karina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2014-01-02 04:19 - 2012-11-11 21:36 - 00003794 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2014-01-02 04:19 - 2011-08-14 01:21 - 00003784 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-01-01 20:23 - 2014-01-01 20:16 - 00000000 ____D C:\Users\Karina\AppData\Local\DownloadGuide

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4500.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 07:10

==================== End Of Log ============================
         
__________________

Edited by Ninni7381 (31.01.2014 at 14:17). Reason: full quote removed

Alt 31.01.2014, 14:08   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Please don't post full quotes! That is pointless and just clutters everything up here!
Did COMODO ever find anything? If not, you don't need to go looking for logs either.
__________________
Please always post log files in CODE tags

Alt 31.01.2014, 14:21   #5
Ninni7381
 
Here is the other file


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by Karina at 2014-01-31 14:09:16
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: COMODO Antivirus (Enabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

ACDSee Pro 3 (x32 Version: 3.0.475 - ACD Systems International Inc.)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.7.148 - Adobe Systems, Inc.)
Alien Skin Eye Candy 5 Impact (x32 Version:  - )
Alien Skin Eye Candy 5 Nature (x32 Version:  - )
Alien Skin Eye Candy 5 Textures (x32 Version:  - )
Alien Skin Xenofex 2.0 (x32 Version:  - )
Allgemeine Runtime Files (x86) (Version: 1.0.3.2 - Sereby Corporation)
Ashampoo Burning Studio 10 v.10.0.15 (x32 Version: 10.0.15 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (Version: 3.0.812.0 - ATI Technologies, Inc.)
Audiograbber 1.83 SE  (x32 Version: 1.83 SE - Audiograbber Deutschland)
AviSynth 2.5 (x32 Version:  - )
BenVista PhotoZoom Pro 4.0.6 (HKCU Version: 4.0.6 - BenVista Ltd.)
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
CCleaner (Version: 3.11 - Piriform)
CDCoverFixPrint 2.0  (x32 Version: 2.0 - UCA-Soft c/o Carsten Mueller Multimedia Design)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Collectorz.com Movie Collector (x32 Version:  - )
Collectorz.com Music Collector (x32 Version:  - )
COMODO Internet Security (Version: 5.4.58750.1355 - COMODO Security Solutions Inc.)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.242 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.0.0.332 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.1.0.5 - Corel Corporation) Hidden
Cover Me (x32 Version: 2.3 - Programm- & Webdesign)
DirectX 9.0c Extra Files (x86, x64) (Version: 1.10.06.0 - Sereby Corporation)
DivX-Setup (x32 Version: 2.6.1.24 - DivX, LLC)
Driver Genius Professional Edition (x32 Version: 10.0 - Driver-Soft Inc.)
Europa City Premium 3/2010t - NQ (F:\map&guide professional 2011\EuropePremium.geo) (x32 Version: 17.00.0000 - PTV AG)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0 - MAGIX AG)
FormatFactory 3.0.1 (x32 Version: 3.0.1 - Free Time)
Free YouTube Download version 3.2.19.1219 (x32 Version: 3.2.19.1219 - DVDVideoSoft Ltd.)
Glary Utilities Pro 2.34.0.1190 (x32 Version: 2.34.0.1190 - Glarysoft Ltd)
Google Earth (x32 Version: 5.2.1.1588 - Google)
ICA (x32 Version: 1.6.1.242 - Corel Corporation) Hidden
ICA (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
IPM_PSP_CL (x32 Version: 1.00.0000 - Your Company Name) Hidden
IPM_PSP_COM (x32 Version: 1.00.0000 - Your Company Name) Hidden
IPM_PSP_COM (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
Jasc Animation Shop 3 (x32 Version: 3.11 - Ihr Firmenname)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (64-bit) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 24 (x32 Version: 6.0.240 - Oracle)
K-Lite Mega Codec Pack 10.0.0 (x32 Version: 10.0.0 - )
MAGIX Foto Manager 10 deluxe (x32 Version: 8.0.0.119 - MAGIX AG)
MAGIX Foto Manager 10 deluxe (x32 Version: 8.0.0.119 - MAGIX AG) Hidden
MAGIX Online Druck Service (x32 Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG)
map&guide professional 2011 (x32 Version: 17.0.1.131 - PTV-AG)
Media Go (x32 Version: 2.3.255 - Sony)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MKVToolNix 5.1.0 (x32 Version: 5.1.0 - Moritz Bunkus)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nitro PDF Professional (Version: 6.0.3.1 - Nitro PDF Software)
Nokia Connectivity Cable Driver (x32 Version: 7.1.69.0 - Nokia)
Nokia Suite (x32 Version: 3.3.89.0 - Nokia)
Nokia Suite (x32 Version: 3.3.89.0 - Nokia) Hidden
NVIDIA Drivers (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
O&O Defrag Professional (Version: 14.0.167 - O&O Software GmbH)
OLYMPUS Digital Camera Updater (x32 Version: 1.0.3 - OLYMPUS IMAGING CORP.)
Olympus ib (x32 Version: 1.6.3731 - OLYMPUS IMAGING CORP.)
Olympus ib (x32 Version: 1.6.3731 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS Viewer 2 (x32 Version: 1.3.1 - OLYMPUS IMAGING CORP.)
ORTMANN Cross Stitch Designer 4.0 (x32 Version: 4.0 - ORTMANN Media-Verlag)
PC Connectivity Solution (x32 Version: 11.5.29.0 - Nokia)
Perro Ministeck Creator (x32 Version:  - )
PlayStation(R)Network Downloader (x32 Version: 2.07.00849 - Sony Computer Entertainment Inc.)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PSPPro64 (Version: 14.0.0.332 - Corel Corporation) Hidden
QuickTime (x32 Version: 7.55.90.70 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (x32 Version: 1.5.11.0 - Ralink)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.0 - RealNetworks)
REALTEK Wireless LAN Driver and Utility (x32 Version: 1.00.0134 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScanWizard 5 (x32 Version:  - )
Setup (x32 Version: 1.6.1.242 - Corel Corporation) Hidden
Setup (x32 Version: 14.0.0.332 - Ihr Firmenname) Hidden
SoftMaker Office 2008 (C:\Program Files (x86)\SoftMaker Office 2008) (x32 Version:  - SoftMaker Software GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Telekom Internet Manager (x32 Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)
TuneUp Utilities (x32 Version: 9.0.4030.5 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.4030.5 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.4030.5 - TuneUp Software) Hidden
UltraISO Premium V9.36 (x32 Version:  - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x64 Runtime - (v9.0.30729.5026) (x32 Version: 9.0.30729.5026 - Microsoft Corporation) Hidden
Visual C++ 2008 x64 Runtime - v9.0.30729.5026 (x32 Version: 9.0.30729.5026 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - (v9.0.30729.5026) (x32 Version: 9.0.30729.5026 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.5026 (x32 Version: 9.0.30729.5026 - Microsoft Corporation)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
WinAVI All in One Converter v1.1 (x32 Version: 1.1.0.3897 - ZJMedia Digital Technology Ltd.)
WinCDEmu (x32 Version: 3.6 - Bazis)
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR 4.01 (64-Bit) (Version: 4.01.0 - win.rar GmbH)
Your Uninstaller! 2010 (x32 Version: 7.0 - URSoft, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2011-12-06 10:48 - 00001010 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       activation.nero.com
127.255.255.255	www.corel.com
127.0.0.1 ursoftware.com
127.0.0.1 www.ursoftware.com  
127.0.0.1 ursoftware.com
127.0.0.1 secure.tune-up.com


==================== Scheduled Tasks (whitelisted) =============

Task: {0069F024-620B-413B-9AF5-2689DE99168D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-31] (Adobe Systems Incorporated)
Task: {00EF4B41-ADD9-4BFE-A052-A47630DF9E1A} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2011-05-27] (Glarysoft Ltd)
Task: {184B2981-869B-4951-98F7-C635BFFAFBAE} - System32\Tasks\Real Networks Scheduler => c:\program files (x86)\real\realplayer\Update\realsched.exe [2013-01-18] (RealNetworks, Inc.)
Task: {32A2800C-7DDC-4D1C-9505-B304B9DB3D7D} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {46EC1822-7F94-48A9-928E-E14B00DF6AFC} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2215941620-1616290121-267833351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {5FA4BA82-1329-4573-B43A-6173204B1454} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2010-02-25] (TuneUp Software)
Task: {6042A9CB-D1F5-4E4B-80A8-1EC50AC1AC9E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2215941620-1616290121-267833351-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {650B84F3-6653-41D7-A214-983F712B5EFF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6FF1E994-240F-41E2-9DFC-340B70F9E5E2} - System32\Tasks\{70E232B5-0A7B-484B-96BE-67F1DDA21963} => C:\Program Files (x86)\Nero\Nero 12\Nero Welcome\WelcomeApplication.exe
Task: {77C899BB-AAB4-44AA-BC09-40D7BC9A3F94} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2215941620-1616290121-267833351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8090336E-EADA-43C4-87D8-407BE4D0574E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2215941620-1616290121-267833351-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {DC73296E-D141-4593-942F-939B4CF62057} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2215941620-1616290121-267833351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {E9025130-8834-4495-B01F-2AEF8D8C1C0A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2215941620-1616290121-267833351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {ED5C0182-797D-443D-A39B-9BC5E095B184} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2215941620-1616290121-267833351-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {FE274FA4-453A-4A42-8AEC-0E33ED713F27} - System32\Tasks\Event Launcher => C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe [2013-01-18] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe

==================== Loaded Modules (whitelisted) =============

2013-01-06 19:45 - 2009-08-28 17:38 - 00131072 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00034072 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00062232 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\srau.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00149784 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00111896 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 02056984 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00055064 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\spbl.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00012568 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\siem.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00048408 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\sppsm.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00727320 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00081688 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00013592 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00016664 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00030488 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\srut.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00019736 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\srsbs.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00057112 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00013592 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\sgml.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00052504 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00014104 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\srpdm.dll
2013-11-21 09:48 - 2013-11-21 09:48 - 00047384 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-11-21 09:48 - 2013-11-21 09:48 - 00025368 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00024856 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00248088 _____ () C:\Users\Karina\AppData\Local\Smartbar\Application\srns.dll
2012-10-15 15:46 - 2013-12-22 10:43 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2003-07-11 01:09 - 2003-07-11 01:09 - 00048192 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll
2011-09-05 16:11 - 2011-04-18 13:47 - 04190568 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\ash_inet2.dll
2011-09-05 16:09 - 2011-08-08 09:47 - 00197536 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\decmpa.dll
2011-09-05 16:09 - 2011-08-08 09:47 - 00209312 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\ash_amf.dll
2011-09-05 16:09 - 2011-08-08 09:47 - 00309664 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\acdwVorbis.dll
2011-09-05 16:09 - 2011-08-08 09:47 - 00126880 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\acdwFLAC.dll
2011-09-05 16:09 - 2011-08-08 09:47 - 00076192 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\acdwWMA.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:D4242D29

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2014 06:08:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 04:04:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 06:20:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 00:34:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 06:17:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 10:35:43 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/28/2014 10:35:43 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/28/2014 08:09:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 06:14:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 07:05:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/31/2014 06:07:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/31/2014 04:03:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/30/2014 06:19:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/29/2014 00:32:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/29/2014 06:16:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/28/2014 08:08:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/28/2014 06:13:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/27/2014 07:04:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/27/2014 10:46:07 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.

Error: (01/27/2014 06:42:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (01/31/2014 06:08:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 04:04:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 06:20:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 00:34:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 06:17:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 10:35:43 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (01/28/2014 10:35:43 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (01/28/2014 08:09:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 06:14:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 07:05:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 3839.24 MB
Available physical RAM: 1498.4 MB
Total Pagefile: 7676.66 MB
Available Pagefile: 5364.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:78.13 GB) (Free:36.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Programme) (Fixed) (Total:292.97 GB) (Free:259.63 GB) NTFS
Drive e: (Privat) (Fixed) (Total:488.29 GB) (Free:63 GB) NTFS
Drive f: (Sicherung) (Fixed) (Total:72.12 GB) (Free:36.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5CE38E24)
Partition 1: (Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=72 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


31.01.2014, 15:04   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Quote:
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: COMODO Antivirus (Enabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}
That really won't do... plastering the computer with security software/virus scanners!
You use exactly one virus scanner plus the Windows Firewall; nothing more is needed!
You don't make a computer more secure by installing one virus scanner after another. That is the wrong approach: security comes from your head, through a concept, and not from simply slapping random scanners onto the system.

I recommend uninstalling Comodo AV + Firewall. Disable Windows Defender, enable the Windows Firewall.
You can keep MS Security Essentials, it is enough for basic protection. If you want a few more options: Avast Free, or buy a scanner such as ESET NOD32.

Code:
127.0.0.1       activation.nero.com
127.255.255.255	www.corel.com
127.0.0.1 ursoftware.com
127.0.0.1 www.ursoftware.com
127.0.0.1 ursoftware.com
127.0.0.1 secure.tune-up.com
         
Who on earth is responsible for this? Who installed Nero, software from Corel and this dreadful TuneUp?
These entries are a solid indication that said software is illegal, because there is otherwise no good reason to ground such addresses to localhost.

Please read => http://www.trojaner-board.de/95393-c...-software.html

We will continue once you have removed everything illegal.

In the case of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.
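The hosts-file check discussed in the post above, as an added example that is not part of the original thread or of FRST: a small Python audit that lists every public hostname pinned to a loopback or unspecified address and marks repeated entries. The sample input is constructed from the entries quoted in the post plus two default `localhost` lines; the function names are hypothetical, and the script only lists candidates for an analyst to review.

```python
import ipaddress

# Constructed sample: the hosts entries quoted in the post, preceded by a
# comment line and two default localhost lines added for contrast.
SAMPLE_HOSTS = """\
# sample hosts file (constructed)
127.0.0.1       localhost
::1             localhost
127.0.0.1       activation.nero.com
127.255.255.255\twww.corel.com
127.0.0.1 ursoftware.com
127.0.0.1 www.ursoftware.com
127.0.0.1 ursoftware.com
127.0.0.1 secure.tune-up.com
"""

BENIGN_NAMES = {"localhost", "localhost.localdomain"}

def parse_hosts(text):
    """Yield (line_no, ip, hostname) per mapping; one line may carry several names."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on any whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: not a usable mapping
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text):
    """Return findings for dotted hostnames mapped into 127.0.0.0/8, ::1, 0.0.0.0 or ::."""
    findings, seen = [], set()
    for line_no, ip, name in parse_hosts(text):
        if name in BENIGN_NAMES or "." not in name:
            continue  # default and single-label names are not of interest here
        if not (ip.is_loopback or ip.is_unspecified):
            continue
        findings.append({"line": line_no, "ip": str(ip), "host": name,
                         "duplicate": name in seen})
        seen.add(name)
    return findings

if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        note = " (duplicate)" if f["duplicate"] else ""
        print(f"line {f['line']}: {f['host']} -> {f['ip']}{note}")
```
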

31.01.2014, 17:06   #7
Ninni7381



I bought it second-hand, that's why! So it is better if I wipe the PC. Once I have done that I will get back to you right away about what I should do next! OK

So, I did a Format C so that I no longer have all this junk on it. Now it won't start at all anymore. I'm sitting at another computer. Once I get it running, it would be nice if you could help me with what else I should look out for.

Thanks in advance

Edited by Ninni7381 (31.01.2014 at 17:19)

01.02.2014, 02:33   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Quote:
So, I did a Format C so that I no longer have all this junk on it. Now it won't start at all anymore.
Wiping the disk does not destroy the device, it only deletes all the data.
Logically, no operating system will start afterwards either. Follow the article on reinstalling Windows.
__________________
Please always post log files in CODE tags
