|
Plagegeister aller Art und deren Bekämpfung: Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista / SP 2)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
13.11.2014, 15:24 | #1 |
| Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista / SP 2) Hallo Zusammen, habe ein Problem, nämlich folgendes ich bekomme die Meldung "Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista Home Premium / SP 2). Es wird auch nicht die Möglichkeit anzeigt die WIN-FW zu aktivieren. Momentan sind aktiv die ZoneAlarm Firewall und der AVG-Virenschutz. Was meint Ihr, zeugt dieses Verhalten von einem Virenvorfall? Habe bereits Malwarebytes, Avira EU-cleaner und den AVG-Scan über den gesamten Computer laufen lassen. Alle gefundenen Viren wurde in Quarantäne genommen. Außerdem ein weiteres Phänomen. Der automatische WINDOWS-Update brach immer mit dem Fehler ab, dass die Updates nicht konfiguriert werden konnten und deshalb rückgängig gemacht werden - weiß nicht ob das damit zusammenhängt. Auf alle Fälle scheint dieses Problem mit dem Tool "pwcUpdateRepair" behoben. Schon mal vielen Dank für Eure Bemühungen im Voraus. Viele Grüße Klaus |
13.11.2014, 15:29 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista / SP 2) Hallo und
__________________Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
13.11.2014, 15:56 | #3 |
| Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista / SP 2)Code:
ATTFilter can result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2014 Ran by klaus (administrator) on PC-KLAUS on 13-11-2014 15:45:20 Running from C:\Users\klaus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z24WCC9V Loaded Profile: klaus (Available profiles: admin & klaus & jakob) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Agere Systems) C:\Windows\System32\agrsmsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE (NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe (CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe () C:\Windows\PLFSetI.exe (Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe () C:\Acer\Mobility Center\MobilityService.exe () C:\Program Files\CDBurnerXP\NMSAccessU.exe (NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () C:\Program Files\Cyberlink\Shared files\RichVideo.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe (AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Ulead Systems, Inc.) C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe (Ulead Systems, Inc.) C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe (Pinnacle Systems) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe () C:\Program Files\Winamp\winampa.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Nikon Corporation) C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Gemalto N.V.) C:\Users\klaus\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor Corp.) C:\Users\klaus\AppData\Local\Temp\RtkBtMnt.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\OneClickStarter.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1037608 2008-02-22] (Synaptics, Inc.) HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040 2008-04-06] () HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-04-10] (CyberLink Corp.) HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-04-10] (CyberLink) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-08] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-21] (Realtek Semiconductor Corp.) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] () HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [809480 2008-07-25] (Dritek System Inc.) HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-05-14] (Egis Incorporated) HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [397312 2008-04-30] (Acer Inc.) HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated) HKLM\...\Run: [Ulead AutoDetector] => C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [45056 2003-11-19] (Ulead Systems, Inc.) HKLM\...\Run: [Ulead Photo Express 5 SE Calendar Checker] => C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe [69632 2004-01-12] (Ulead Systems, Inc.) HKLM\...\Run: [PinnacleDriverCheck] => C:\Windows\system32\PSDrvCheck.exe [406016 2004-03-10] () HKLM\...\Run: [USB2Check] => RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [192512 2004-04-23] (Pinnacle Systems) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [36352 2008-08-04] () HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [563080 2007-01-24] (Microsoft Corporation) HKLM\...\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] => C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe [45056 2004-06-21] () HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-09-25] (Seagate LLC) HKLM\...\Run: [Nikon Transfer Monitor] => C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [479232 2009-09-15] (Nikon Corporation) HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-25] (Check Point Software Technologies LTD) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [ALBATTTOOL] => C:\Program Files\AkkuLine.de\AkkuLine Batterie-Tool\AL-Batterie-Tool.exe HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [Orb] => C:\Program Files\Winamp Remote\bin\OrbTray.exe [507904 2008-04-01] (Orb Networks) HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\klaus\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2012-07-09] (Gemalto N.V.) HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Run: [Google Update**.d<*>] => "C:\Users\klaus\AppData\Local\Google\Desktop\Install\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\d'x"Ù"\", &h#\. ùû[\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\GoogleUpdate.exe" > <===== ATTENTION (Value Name with invalid characters) HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-716381979-3132375173-1517245798-1001\...\MountPoints2: {0ffa6dbe-a450-11dd-ba76-806e6f6e6963} - E:\start.exe /auto Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File) ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5730 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_5730 URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) URLSearchHook: HKLM - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) URLSearchHook: HKCU - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) URLSearchHook: HKCU - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351 SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351 SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 SearchScopes: HKCU - {31CF9EBE-5755-4a1d-AC25-2834D952D9B4} URL = hxxp://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE299DE300 SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351 SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) BHO: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) BHO: Softonic Deutsch Toolbar -> {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} -> C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) Toolbar: HKLM - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab Handler: haufereader - No CLSID Value - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fj408btt.default FF SelectedSearchEngine: Claro Search FF Homepage: hxxp://www.t-online.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF user.js: detected! => C:\Users\klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fj408btt.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: Toolbar fuer eBay - C:\Program Files\Mozilla Firefox\extensions\ebay.xpi [2008-09-09] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-22] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.) R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed] R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] () [File not signed] R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] () [File not signed] R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [189736 2009-09-25] (Seagate Technology LLC) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed] R3 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed] R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] () R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] () [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] () R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-01-10] (Acer Incorporated) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2166584 2014-10-17] (AVG Technologies) R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-25] (Check Point Software Technologies LTD) S2 Winmgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation) R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.) S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\ \...\???\{cced714b-348e-29ba-f6a1-1cacf2a4ea0f}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ASAPIW2k; C:\Windows\System32\drivers\ASAPIW2k.sys [11264 2004-03-10] (Pinnacle Systems GmbH) [File not signed] R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213272 2014-10-07] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.) S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [100957 2004-04-06] (eMPIA Technology, Inc.) S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5245 2004-04-06] (eMPIA Technology, Inc.) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2012-11-15] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [589144 2013-02-21] (Kaspersky Lab) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-13] (Malwarebytes Corporation) R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.) [File not signed] R1 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2004-07-16] (Pinnacle Systems GmbH) [File not signed] S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4493 2004-04-06] (eMPIA Technology, Inc.) S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed] R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-09-09] (TuneUp Software) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [452120 2013-06-13] (Check Point Software Technologies LTD) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-04-18] (Cyberlink Corp.) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [75608 2013-02-21] (Kaspersky Lab) S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-13 15:42 - 2014-11-13 15:45 - 00000000 ____D () C:\FRST 2014-11-13 14:27 - 2014-11-13 14:27 - 00000000 ____D () C:\MGADiagToolOutput 2014-11-13 14:19 - 2014-11-13 14:19 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage 2014-11-13 14:17 - 2003-03-25 06:00 - 00009216 _____ (Microsoft Corporation) C:\Windows\proxycfg.exe 2014-11-13 14:12 - 2014-11-13 14:12 - 00000130 _____ () C:\Descriptors.txt 2014-11-13 13:32 - 2014-11-13 13:32 - 00000000 ____D () C:\Users\klaus\AppData\Roaming\AVG 2014-11-13 13:10 - 2014-11-13 13:10 - 00000000 ____D () C:\Users\klaus\AppData\Local\Avg 2014-11-13 12:34 - 2014-11-13 12:34 - 00000326 _____ () C:\Windows\Tasks\1114avtUpdateInfo.job 2014-11-13 12:34 - 2014-11-13 12:34 - 00000000 ____D () C:\ProgramData\Avg_Update_1114avt 2014-11-07 17:23 - 2014-11-07 17:23 - 00001897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk 2014-11-07 17:23 - 2014-11-07 17:23 - 00001889 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk 2014-11-07 17:23 - 2014-11-07 17:23 - 00001885 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk 2014-11-07 17:23 - 2014-11-07 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015 2014-11-07 17:23 - 2014-10-17 12:34 - 00036152 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe 2014-11-07 17:23 - 2014-10-17 12:34 - 00025400 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll 2014-11-07 17:19 - 2014-11-07 17:19 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVG 2014-11-07 17:13 - 2014-11-07 17:13 - 00000000 ____D () C:\Users\admin\AppData\Local\Avg 2014-11-07 17:10 - 2014-11-07 16:59 - 90754872 _____ (AVG Technologies) C:\Users\admin\Downloads\avg_tuh_stf_all_2015_185_24c4.exe 2014-11-07 16:59 - 2014-11-07 17:24 - 00000000 ____D () C:\ProgramData\AVG 2014-11-07 16:52 - 2014-11-07 16:59 - 90754872 _____ (AVG Technologies) C:\Users\klaus\Downloads\avg_tuh_stf_all_2015_185_24c4.exe 2014-11-07 16:48 - 2014-11-07 16:48 - 00000000 ____D () C:\Users\klaus\AppData\Roaming\TuneUp Software 2014-11-07 16:43 - 2014-11-07 16:43 - 00000000 ____D () C:\Users\klaus\AppData\Roaming\AVG2015 2014-11-07 16:41 - 2014-11-13 15:08 - 00000000 ____D () C:\Users\klaus\AppData\Local\Avg2015 2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVG2015 2014-11-07 16:36 - 2014-11-07 16:36 - 00000862 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2014-11-07 16:36 - 2014-11-07 16:36 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TuneUp Software 2014-11-07 16:36 - 2014-11-07 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-11-07 16:35 - 2014-11-07 16:36 - 00000000 ____D () C:\ProgramData\AVG2015 2014-11-07 16:35 - 2014-11-07 16:35 - 00000000 ___HD () C:\$AVG 2014-11-07 16:33 - 2014-11-07 17:16 - 00000000 ____D () C:\Program Files\AVG 2014-11-07 16:27 - 2014-11-13 15:27 - 00000000 ____D () C:\ProgramData\MFAData 2014-11-07 16:27 - 2014-11-07 20:26 - 00000000 ____D () C:\Users\admin\AppData\Local\Avg2015 2014-11-07 16:27 - 2014-11-07 16:27 - 04578024 _____ (AVG Technologies) C:\Users\admin\Downloads\avg_avct_stb_all_2015_5315_ppc17.exe 2014-11-07 16:27 - 2014-11-07 16:27 - 00000000 ____D () C:\Users\admin\AppData\Local\MFAData 2014-11-07 16:19 - 2014-11-07 16:19 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-07 16:18 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp 2014-11-07 16:18 - 2014-11-07 16:20 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\klaus\Downloads\avira_de_av___ws.exe 2014-10-21 07:38 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-13 15:45 - 2013-09-25 09:14 - 01801184 _____ () C:\Windows\WindowsUpdate.log 2014-11-13 15:13 - 2014-08-11 11:33 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-13 14:36 - 2008-05-07 19:04 - 00000147 _____ () C:\Windows\system32\agent.log 2014-11-13 14:36 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-13 14:36 - 2006-11-02 13:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-13 14:36 - 2006-11-02 13:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-13 14:35 - 2013-09-27 05:57 - 00709826 _____ () C:\Windows\PFRO.log 2014-11-13 14:30 - 2009-02-04 09:48 - 00000012 _____ () C:\Windows\bthservsdp.dat 2014-11-13 14:30 - 2006-11-02 14:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-13 13:14 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache 2014-11-13 13:11 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-13 12:52 - 2006-11-02 13:47 - 00427112 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 12:49 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE 2014-11-07 17:46 - 2009-01-12 21:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-07 17:42 - 2011-11-05 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-11-07 17:42 - 2008-05-07 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone 2014-11-07 17:40 - 2008-10-31 09:15 - 00000000 ____D () C:\Users\admin\AppData\Local\Microsoft Help 2014-11-07 17:38 - 2010-02-11 14:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype 2014-11-07 17:38 - 2009-01-12 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2014-11-07 17:38 - 2008-11-26 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 9 QuickStart 2014-11-07 17:38 - 2008-05-07 18:51 - 00000000 ____D () C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} 2014-11-07 17:33 - 2008-12-02 11:11 - 00000826 _____ () C:\Users\admin\Desktop\pwsafe.lnk 2014-11-07 17:33 - 2008-11-21 09:47 - 00000657 _____ () C:\Users\admin\Desktop\Microsoft Rechner-Plus.lnk 2014-11-07 16:26 - 2013-10-11 11:35 - 00000000 ____D () C:\Users\admin\AppData\Local\DoNotTrackPlus 2014-11-07 16:23 - 2011-11-22 07:59 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashDumps 2014-11-07 16:20 - 2011-10-24 12:27 - 00000000 ____D () C:\Users\klaus\AppData\Local\CrashDumps 2014-11-07 16:19 - 2012-03-28 09:49 - 00000000 ____D () C:\ProgramData\Avira 2014-11-04 15:46 - 2013-10-11 16:44 - 00001822 _____ () C:\Users\klaus\Desktop\Entfernen des Avira EU-Cleaners.lnk 2014-11-04 15:46 - 2013-10-11 16:44 - 00001766 _____ () C:\Users\klaus\Desktop\Avira EU-Cleaner.lnk 2014-11-04 15:38 - 2012-10-24 10:32 - 00000000 ____D () C:\Program Files\Claro LTD 2014-11-04 15:09 - 2014-08-11 11:33 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-04 15:09 - 2014-08-11 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-04 15:09 - 2014-08-11 11:32 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-10-21 08:34 - 2008-05-07 18:46 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-21 08:22 - 2013-08-14 16:18 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-21 07:40 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe ZeroAccess: C:\Users\klaus\AppData\Local\Google\Desktop\Install ZeroAccess: C:\Program Files\Google\Desktop\Install Some content of TEMP: ==================== C:\Users\admin\AppData\Local\Temp\RtkBtMnt.exe C:\Users\jakob\AppData\Local\Temp\AskSLib.dll C:\Users\jakob\AppData\Local\Temp\RtkBtMnt.exe C:\Users\klaus\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\klaus\AppData\Local\Temp\RtkBtMnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-13 14:41 ==================== End Of Log ============================ |
18.11.2014, 16:44 | #4 |
| Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista / SP 2) Hallo, ich habe wie gewünscht alles gepostet. Gibt es ein Problem oder hast Du es einfach zeitmäßig nicht geschafft mal drauf zu sehen? Geändert von cosinus (18.11.2014 um 21:45 Uhr) Grund: sinnfreien FQ entfernt |
18.11.2014, 21:44 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista / SP 2) Nein, du hast nicht alles gepostet. Ich hab da auf mehr gewartet aber du meldest dich erst jetzt wieder. Es fehlen folgende Logs: - Virenscannerlogs mit Funden (falls vorhanden bzw. falls es Funde gab von zB Malwarebytes oder deinem AV-Programm - Addition.txt von FRST, du hast nur das Hauptlog (FRST.txt) gepostet abgesehen davon bitte ich dich, die Anleitungen sorgfältiger lesen und umzusetzen, denn das FRST-Log verrät mir Zitat:
Und bitte keine sinnfreien Vollzitate mehr machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Der Sicherheitscenterdienst konnte nicht eingeschaltet werden (Vista / SP 2) |
aktiviere, automatische, avira, computer, fehler, firewall, folge, folgendes, hallo zusammen, home, laufen, malwarebytes, meldung, problem, quarantäne, schei, tan, tool, updates, verhalten, vista, vista home premium, windows-update, zonealarm, zusammen |