Trojaner-Board

Windows 8: Internet opens by itself (after downloading an update) (https://www.trojaner-board.de/145274-windows-8-internet-oeffnet-alleine-runterladen-updates.html)

schrauber 10.01.2014 10:40

This scans the Windows files and repairs them if necessary, which failed with Windows Repair.

Duration? It varies, 2 hours at most, I think.

Anfall 14.01.2014 09:47

I have done that now, and the result was:
Der Windows-Ressourcenschutz hat keine Integritätsverletzungen gefunden.
So nothing is damaged or anything...

And now???

schrauber 15.01.2014 09:15

OK, then please post a fresh FRST log now. What exactly are the remaining problems?

Anfall 15.01.2014 09:21

Stop! No. You misunderstood. The problem is still there. I only wanted to say that unfortunately I achieved nothing with this measure.
So: the Windows updates are still not being carried out!!!

schrauber 16.01.2014 08:24

OK, then now take the Windows disc and do an in-place upgrade.

Anfall 16.01.2014 09:43

I googled in-place upgrade Windows 8 and - ouch - all the things that can happen there. It makes me feel quite sick. And besides, I would not be skilled enough to repair everything afterwards, reinstall it, etc.

Isn't there another idea???

schrauber 16.01.2014 17:26

Quote:

The error message is: Problems configuring the Windows updates. And then everything is reset to the previous state.
Is there an error code with it as well? Screenshot of it, please.

Anfall 17.01.2014 09:34

At one point the error message was 80070490. I then googled that too and, as recommended, ran the System Update Readiness Tool. But unfortunately without success.

The whole thing started after I removed the malware. So it must be related to that. Something was deleted there that is actually needed. Can't we start from there?

schrauber 17.01.2014 20:44

Quote:

The whole thing started after I removed the malware. So it must be related to that. Something was deleted there that is actually needed. Can't we start from there?
No, nothing gets deleted there, and besides, the repair tool should be able to handle that. Please post a fresh FRST and FSS log again.

Anfall 20.01.2014 10:08

Part 1
Code:

Farbar Service Scanner Version: 05-12-2013
Ran by Evelyn (administrator) on 19-01-2014 at 12:58:10
Running from "C:\Users\Evelyn\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\windows\system32\wuaueng.dll".


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-11-22 09:48] - [2013-09-04 04:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll
[2013-11-22 09:48] - [2013-10-10 10:20] - 0723968 ____A (Microsoft Corporation) 53AA55632B94622F2DC3695E86EF9363

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2013-12-11 08:36] - [2013-10-08 23:27] - 3279872 ____A (Microsoft Corporation) 311E5E1976E0BD9110A88B93158055D5

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Part 2: follows in the next post

Part 2: FRST Additions logfile:
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014
Ran by Evelyn at 2014-01-19 13:03:36
Running from C:\Users\Evelyn\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Amazon Browser App (x32 Version: 1.0.0.0 - Amazon)
AMD Accelerated Video Transcoding (Version: 12.5.100.20806 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Audials (x32 Version: 10.2.19305.500 - Audials AG)
Avira Antivirus Premium (x32 Version: 14.0.2.286 - Avira)
Brother MFC-9320CW (x32 Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-9320CW (x32 Version: 3.0.3.0 - Brother Industries, Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 3.28 - Piriform)
Classic Shell (Version: 3.6.5 - IvoSoft)
CyberGhost VPN (Version:  - CyberGhost S.R.L.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (x32 Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.46.1.0328 - DT Soft Ltd)
Dell Backup and Recovery - Support Software (x32 Version: 1.6.1.1 - Dell Inc.)
Dell Backup and Recovery (x32 Version: 1.6.1.1 - Dell Inc.)
Dell Digital Delivery (x32 Version: 2.2.2000.0 - Dell Products, LP)
Dell Support Center (Version: 3.2.6032.39 - PC-Doctor, Inc.)
Dell System Detect (HKCU Version: 4.0.5.6 - Dell)
Dell Touchpad (Version: 16.3.7.0 - Synaptics Incorporated)
DSC/AA Factory Installer (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden
DW WLAN Card Utility (Version: 6.30.59.74 - Dell Inc.)
Emsisoft Anti-Malware (x32 Version: 8.1 - Emsisoft GmbH)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free ISO Creator version 2.8 (x32 Version: 1.2 - Free DVD Creator, DVD Burner, ISO Burner, CD DVD Ripper, CD Maker, Video Converter.)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
GPL Ghostscript (x32 Version: 9.07 - Artifex Software Inc.)
HitmanPro 3.7 (Version: 3.7.8.208 - SurfRight B.V.)
HitmanPro.Alert (Version: 2.0.10.45 - SurfRight B.V.)
Intel(R) Control Center (x32 Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.7.0.1013 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Online Armor 7.0 (x32 Version: 7.0 - Emsisoft GmbH)
Palm Desktop (x32 Version: 4.1.0410 - Palm, Inc.)
PDF Architect (x32 Version: 1.0.52.8917 - pdfforge)
PDFCreator (x32 Version: 1.6.2 - pdfforge)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PixiePack Codec Pack (x32 Version: 1.1.1200.0 - None)
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (Version: 10.15.012 - Dell Inc.)
Radiotracker USB (x32 Version: 6.2.11200.0 - RapidSolution Software AG)
Realtek Ethernet Controller All-In-One Windows Driver (x32 Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
System Checkup 3.4 (x32 Version: 3.4.0.47 - iolo technologies, LLC)
TeamViewer 9 (x32 Version: 9.0.24951 - TeamViewer)
TomTom HOME (x32 Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (Version: 2.6.2.0 - Intel)
Unitymedia Online Backup (x32 Version: 2.3.1521.8159 - F-Secure Corporation)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VLC media player 2.0.5 (x32 Version: 2.0.5 - VideoLAN)
WIDCOMM Bluetooth Software (Version: 12.0.0.3900 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

02-01-2014 13:51:28 Windows Update
06-01-2014 07:28:27 Windows Update
10-01-2014 08:24:22 Windows Update
14-01-2014 02:04:24 Windows Update
17-01-2014 07:34:51 Windows Update

==================== Hosts content: ==========================

2012-07-26 06:26 - 2013-12-02 15:25 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {06063A69-99D4-453D-BF79-3925BFBA53D0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {30497F4A-FCB0-41A3-BCE4-97C5D055C378} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {314DD31F-5497-4A05-B846-83A4CD0E075F} - \DigitalSite No Task File
Task: {3F2C7C26-3F1F-40AE-9086-B3BA6624C236} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {502178C9-825B-4DCA-8FFF-1F22056EF3E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-19] (Piriform Ltd)
Task: {6EF54F24-1B9D-4A5F-90AF-D0851CA13B17} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {9306C8B4-9973-42D1-8C85-946FCC97F3F4} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {953DEA35-1265-43BB-820F-DD986912A645} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-07-17] (PC-Doctor, Inc.)
Task: {A1963922-C5D6-4546-948A-D78F6393A915} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-07-17] (PC-Doctor, Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AEB67C64-5765-466B-B540-F3CB637DC42A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D96E7FB8-31F0-47A2-991B-B13CB7713172} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FF6EE9CA-9B2E-4B4A-B012-7CFAC8825C43} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2013-03-27 21:39 - 2013-03-27 21:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2013-01-29 04:29 - 2012-11-01 23:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-01-29 04:34 - 2012-08-24 01:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 11:54 - 2012-08-06 11:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-03-03 16:08 - 2013-03-03 16:06 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-05-20 15:07 - 2013-05-20 15:07 - 00372392 _____ () C:\windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.135_none_a02ac40d56adfe65\QtXml4.dll
2013-05-20 15:07 - 2013-05-20 15:07 - 08347304 _____ () C:\windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.135_none_a02ac40d56adfe65\QtGui4.dll
2013-05-20 15:07 - 2013-05-20 15:07 - 02256552 _____ () C:\windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.135_none_a02ac40d56adfe65\QtCore4.dll
2010-12-16 16:25 - 2010-12-16 16:25 - 00026112 _____ () C:\Program Files (x86)\Unitymedia\Online Backup\imageformats\qgif4.dll
2010-12-16 16:25 - 2010-12-16 16:25 - 00028160 _____ () C:\Program Files (x86)\Unitymedia\Online Backup\imageformats\qico4.dll
2010-12-16 16:25 - 2010-12-16 16:25 - 00233472 _____ () C:\Program Files (x86)\Unitymedia\Online Backup\imageformats\qmng4.dll
2013-01-28 20:47 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-03-27 23:37 - 2013-03-27 23:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 12:43 - 2013-01-10 12:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2013-03-09 18:16 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-08-18 09:39 - 2013-08-18 09:39 - 00017920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e1703d2acd816693ae5e6f42cb057951\PSIClient.ni.dll
2013-03-27 21:09 - 2013-03-27 21:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-01-28 20:38 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-05-26 20:18 - 2011-05-26 20:18 - 00136536 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-10-14 17:07 - 2013-10-11 22:21 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-02-22 03:05 - 2012-11-26 05:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-02-22 03:05 - 2012-11-26 05:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2013-12-20 09:35 - 2013-12-20 09:35 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 8061.27 MB
Available physical RAM: 5261.46 MB
Total Pagefile: 9277.27 MB
Available Pagefile: 5448.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.73 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:917.16 GB) (Free:822.52 GB) NTFS
Drive i: (TrekStor) (Fixed) (Total:698.64 GB) (Free:82.86 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:13.21 GB) (Free:0.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 74E949CD)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 699 GB) (Disk ID: 118DB6F2)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

By the way, I just had a look in the Event Viewer and had it show the errors. What caught my eye are the errors with the source ESENT; the event IDs are 413, 488, 455, 454 and 490.
Does that mean anything to you?

schrauber 21.01.2014 09:30

Please post the complete content of the message.

Anfall 21.01.2014 10:36

..I took a screenshot of it for you - see attachment. Unfortunately there was no other way.

schrauber 22.01.2014 08:56

If you open the message with a double-click, more details appear; you can copy those and paste them here.

Anfall 23.01.2014 20:14

It's solved!!! Hard to believe, but it was really simple.

Somehow I could not shake the feeling that it was related to Online Armor. So I finally contacted their support after all. And the answer came promptly: switch on learning mode briefly, let the updates come in via the Control Panel, restart, and then: everything gets configured nicely.
Afterwards, though, be sure to switch learning mode off again.

Please add this to the forum so that other users find out about it too. After all, Online Armor is also recommended by you.

Thanks for all your support!!!

One more question, though: what is your take on the BSI story???

schrauber 24.01.2014 10:51

All right :)

Quote:

One more question, though: what is your take on the BSI story???
Short and sweet: where's the puke smiley around here ;)

That is scaremongering without rhyme or reason.

