Log analysis and evaluation: page requests caused by adware? (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
03.02.2014, 21:54 | #1
Hello, as soon as I open pages in Firefox, I can see at the bottom left that data is being transferred from all sorts of different sites. With an ad blocker this could be reduced, but not cleaned up completely. What is the cause of this? Here are the log files. AntiVir had not found anything...
03.02.2014, 22:30 | #2
/// the machine /// TB trainer
Hi,
Uninstall Firefox completely, keep no data, reinstall. A fresh FRST log, please.
How it works: posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
03.02.2014, 22:58 | #3
Completely uninstalled, and now here is the log:
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04 Ran by andy (administrator) on ANDY-PC on 03-02-2014 22:54:00 Running from C:\Users\andy\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (National Instruments, Inc.) 
C:\Windows\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) C:\Windows\SysWOW64\nipalsm.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation) C:\Windows\SysWOW64\nipxism.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dolby Laboratories Inc.) 
C:\Dolby PCEE4\pcee4.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (Dropbox, Inc.) C:\Users\andy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) 
C:\Program Files\EgisTec IPS\EgisUpdate.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) C:\Users\andy\Downloads\FRST64(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-01-20] () HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2012-05-15] (Broadcom Corporation) HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated) HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-06] () HKLM\...\Run: [EKAIO2StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe [3240448 2011-12-10] (Eastman Kodak Company) HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.) 
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-24] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [NI Update Service] - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [851592 2012-06-08] (National Instruments) HKLM-x32\...\Run: [niDevMon] - C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [110224 2012-02-03] (National Instruments Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-4006576180-2490065740-1952747537-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] () HKU\S-1-5-21-4006576180-2490065740-1952747537-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-4006576180-2490065740-1952747537-1001\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [846520 2010-06-21] () AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260928 
2012-03-21] (NVIDIA Corporation) Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\Users\andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\andy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0D987C07-9CC3-45DF-8262-FB82E80686E0} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {1E5F9C11-76A0-4BCC-B931-9197629C22B1} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {2BBCD450-8603-4F1C-9608-3E3902B2AAFB} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {6463CEFB-43DD-438C-98AA-4806768E1FCD} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {6499AE8E-6EEE-40FF-B5DB-B89CC8C406A9} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {CAC5F19A-DD92-4689-811C-C5A9105F5261} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {F67320D0-AA36-41E4-9E96-C10561EE9E0A} URL = 
hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=73D3676C-D8EF-4233-AD89-89C3AD4C76B8&apn_sauid=E43A57EF-14D7-47E5-9F0F-C9695126B98C BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
Winsock: Catalog5 11 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320] (National Instruments Corporation) Winsock: Catalog5-x64 11 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26368] (National Instruments Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\andy\AppData\Roaming\Mozilla\Firefox\Profiles\zsgxzqsc.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files 
(x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-24] (Avira Operations GmbH & Co. 
KG) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation) R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2011-05-06] (National Instruments, Inc.) R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [50328 2012-06-05] (National Instruments Corporation) R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [60568 2012-06-05] (National Instruments Corporation) R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [51360 2012-05-22] (National Instruments Corporation) R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [53960 2012-05-22] (National Instruments Corporation) S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [76488 2012-05-22] (National Instruments Corporation) R2 nidevldu; C:\Windows\SysWOW64\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation) R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [370328 2012-06-05] (National Instruments Corporation) S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation) R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-05-31] (National Instruments Corporation) R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [169192 2012-06-05] (National Instruments Corporation) R2 nipxirmu; C:\Windows\SysWOW64\nipxism.exe [18584 2012-03-14] (National Instruments Corporation) R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [53952 2012-05-22] (National Instruments 
Corporation) R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [680624 2012-06-07] (National Instruments Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation) S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2012-05-15] (Broadcom Corporation) S3 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-24] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-03-21] (Broadcom Corporation.) 
S3 lvalarmk; C:\Windows\system32\drivers\lvalarmk.sys [25296 2012-06-12] (National Instruments Corporation) S3 ni1006k; C:\Windows\system32\drivers\ni1006k.sys [30800 2012-03-06] (National Instruments Corporation) S3 ni1045k; C:\Windows\system32\drivers\ni1045kl.sys [12952 2012-03-06] (National Instruments Corporation) S3 ni1065k; C:\Windows\system32\drivers\ni1065k.sys [27288 2012-03-06] (National Instruments Corporation) S3 nicdcck; C:\Windows\system32\drivers\nicdcckl.sys [12952 2012-02-05] (National Instruments Corporation) S3 nicdrk; C:\Windows\system32\drivers\nicdrkl.sys [11864 2010-08-12] (National Instruments Corporation) S3 nicmrk; C:\Windows\system32\drivers\nicmrkl.sys [13008 2012-06-15] (National Instruments Corporation) S3 nicondrk; C:\Windows\system32\drivers\nicondrkl.sys [12976 2012-06-15] (National Instruments Corporation) S3 nicsrk; C:\Windows\system32\drivers\nicsrkl.sys [12976 2012-06-15] (National Instruments Corporation) R3 nidimk; C:\Windows\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation) S3 nidmxfk; C:\Windows\system32\drivers\nidmxfkl.sys [12944 2012-02-06] (National Instruments Corporation) S3 nidsark; C:\Windows\system32\drivers\nidsarkl.sys [12992 2012-06-18] (National Instruments Corporation) S3 niemrk; C:\Windows\system32\drivers\niemrkl.sys [12944 2012-02-20] (National Instruments Corporation) S3 niesrk; C:\Windows\system32\drivers\niesrkl.sys [12944 2012-02-06] (National Instruments Corporation) R3 NIEthernetDeviceEnumerator; C:\Windows\System32\DRIVERS\niede.sys [38064 2010-06-15] (National Instruments Corporation) S3 nifslk; C:\Windows\system32\drivers\nifslkl.sys [12960 2012-02-03] (National Instruments Corporation) R3 nimdbgk; C:\Windows\system32\drivers\nimdbgkl.sys [12960 2011-07-01] (National Instruments Corporation) R3 nimru2k; C:\Windows\system32\drivers\nimru2kl.sys [12968 2012-02-03] (National Instruments Corporation) S3 nimsdrk; C:\Windows\system32\drivers\nimsdrkl.sys [13000 
2012-02-17] (National Instruments Corporation) R3 nimstsk; C:\Windows\system32\drivers\nimstskl.sys [12968 2012-02-06] (National Instruments Corporation) R3 nimxdfk; C:\Windows\system32\drivers\nimxdfkl.sys [12952 2011-07-01] (National Instruments Corporation) S3 nimxpk; C:\Windows\system32\drivers\nimxpkl.sys [12976 2012-02-13] (National Instruments Corporation) S3 ninshsdk; C:\Windows\system32\drivers\ninshsdkl.sys [12968 2011-05-17] (National Instruments Corporation) S3 niorbk; C:\Windows\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation) S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [914624 2012-06-06] (National Instruments Corporation) S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [16984 2012-01-12] (National Instruments Corporation) R0 nipxibaf; C:\Windows\System32\drivers\nipxibaf.sys [84688 2012-03-06] (National Instruments Corporation) R0 nipxibrc; C:\Windows\System32\drivers\nipxibrc.sys [60640 2012-04-16] (National Instruments Corporation) S3 nipxigpk; C:\Windows\system32\drivers\nipxigpk.sys [22680 2011-08-09] (National Instruments Corporation) R2 nipxirmk; C:\Windows\system32\drivers\nipxirmkl.sys [12952 2012-03-14] (National Instruments Corporation) S3 niraptrk; C:\Windows\system32\drivers\niraptrkl.sys [12976 2012-06-15] (National Instruments Corporation) S3 niraptrkw; C:\Windows\System32\DRIVERS\niraptrkw.sys [12464 2012-06-15] (National Instruments Corporation) S3 niscdk; C:\Windows\system32\drivers\niscdkl.sys [12984 2012-03-07] (National Instruments Corporation) S3 nisdigk; C:\Windows\system32\drivers\nisdigkl.sys [12960 2012-02-05] (National Instruments Corporation) S3 nisftk; C:\Windows\system32\drivers\nisftkl.sys [12952 2011-07-08] (National Instruments Corporation) S3 nispdk; 
C:\Windows\system32\drivers\nispdkl.sys [12984 2012-03-07] (National Instruments Corporation) S3 nissrk; C:\Windows\system32\drivers\nissrkl.sys [12944 2012-02-06] (National Instruments Corporation) S3 nistc2k; C:\Windows\system32\drivers\nistc2kl.sys [11824 2009-01-05] (National Instruments Corporation) S3 nistc3rk; C:\Windows\system32\drivers\nistc3rkl.sys [12936 2012-02-05] (National Instruments Corporation) S3 nistcrk; C:\Windows\system32\drivers\nistcrkl.sys [12968 2011-07-18] (National Instruments Corporation) S3 niswdk; C:\Windows\system32\drivers\niswdkl.sys [12936 2012-02-07] (National Instruments Corporation) S3 nitiork; C:\Windows\system32\drivers\nitiorkl.sys [12968 2012-02-05] (National Instruments Corporation) S3 niufurk; C:\Windows\system32\drivers\niufurkl.sys [12968 2012-03-29] (National Instruments Corporation) S3 niufurkw; C:\Windows\System32\DRIVERS\niufurkw.sys [12456 2012-03-29] (National Instruments Corporation) S3 niwfrk; C:\Windows\system32\drivers\niwfrkl.sys [12944 2012-02-06] (National Instruments Corporation) S3 nixsrk; C:\Windows\system32\drivers\nixsrkl.sys [12944 2012-02-20] (National Instruments Corporation) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation) S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.) 
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x] S3 usb6xxxk; \??\C:\Windows\system32\drivers\usb6xxxkl.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-03 22:53 - 2014-02-03 22:53 - 02080256 _____ (Farbar) C:\Users\andy\Downloads\FRST64(1).exe 2014-02-03 22:50 - 2014-02-03 22:50 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-03 22:50 - 2014-02-03 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-03 21:42 - 2014-02-03 21:42 - 00001163 _____ () C:\Users\andy\Desktop\AdwCleaner[S2].txt 2014-02-03 21:39 - 2014-02-03 21:39 - 00000056 _____ () C:\Windows\setupact.log 2014-02-03 21:39 - 2014-02-03 21:39 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-03 21:38 - 2014-02-03 21:38 - 00001010 _____ () C:\Windows\PFRO.log 2014-02-03 21:37 - 2014-02-03 21:37 - 00001099 _____ () C:\Users\andy\Desktop\AdwCleaner[R2].txt 2014-02-03 21:34 - 2014-02-03 21:35 - 01166132 _____ () C:\Users\andy\Downloads\adwcleaner(2).exe 2014-02-03 21:25 - 2014-02-03 21:25 - 00380416 _____ () C:\Users\andy\Downloads\m671ix9f.exe 2014-02-03 21:25 - 2014-02-03 21:25 - 00380416 _____ () C:\Users\andy\Downloads\Gmer-19357(1).exe 2014-02-03 21:23 - 2014-02-03 21:23 - 00380416 _____ () C:\Users\andy\Downloads\Gmer-19357.exe 2014-02-03 21:22 - 2014-02-03 21:22 - 00068280 _____ () C:\Users\andy\Desktop\Addition.txt 2014-02-03 21:22 - 2014-02-03 21:22 - 00036531 _____ () C:\Users\andy\Desktop\FRST.txt 2014-02-03 21:21 - 2014-02-03 21:22 - 00068280 _____ () C:\Users\andy\Downloads\Addition.txt 2014-02-03 21:20 - 2014-02-03 22:54 - 00026809 _____ () C:\Users\andy\Downloads\FRST.txt 2014-02-03 21:20 - 2014-02-03 22:54 - 00000000 ____D () C:\FRST 2014-02-03 21:20 - 2014-02-03 21:20 - 02080256 _____ (Farbar) C:\Users\andy\Downloads\FRST64.exe 2014-02-03 21:19 - 2014-02-03 21:19 - 00000000 _____ () 
C:\Users\andy\defogger_reenable 2014-02-03 21:18 - 2014-02-03 21:19 - 00000470 _____ () C:\Users\andy\Downloads\defogger_disable.log 2014-02-03 21:18 - 2014-02-03 21:18 - 00050477 _____ () C:\Users\andy\Downloads\Defogger.exe 2014-02-03 21:18 - 2014-02-03 21:18 - 00000242 _____ () C:\Users\andy\Downloads\defogger_enable.log 2014-02-03 19:02 - 2014-02-03 19:02 - 00015438 _____ () C:\Users\andy\Desktop\bericht.txt 2014-02-03 13:14 - 2014-02-03 15:48 - 00000000 ____D () C:\Users\andy\Documents\Anti-Malware 2014-02-03 13:11 - 2014-02-03 13:14 - 239190624 _____ (Emsisoft GmbH ) C:\Users\andy\Downloads\EmsisoftAntiMalwareSetup.exe 2014-02-03 13:02 - 2014-02-03 13:02 - 00283096 _____ (Mozilla) C:\Users\andy\Downloads\Firefox Setup Stub 26.0.exe 2014-02-03 13:02 - 2014-02-03 13:02 - 00283096 _____ (Mozilla) C:\Users\andy\Desktop\Firefox Setup Stub 26.0.exe 2014-02-03 12:51 - 2014-02-03 12:51 - 04721920 _____ (Piriform Ltd) C:\Users\andy\Downloads\ccsetup410.exe 2014-02-02 01:54 - 2014-02-02 02:10 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-02 01:54 - 2014-02-02 01:59 - 00000000 ____D () C:\Users\andy\AppData\Local\Google 2014-02-02 01:54 - 2014-02-02 01:54 - 29393568 _____ (SUPERAntiSpyware) C:\Users\andy\Downloads\SUPERAntiSpyware.exe 2014-02-02 01:54 - 2014-02-02 01:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-02-02 01:40 - 2014-02-02 01:40 - 01166132 _____ () C:\Users\andy\Downloads\adwcleaner(1).exe 2014-01-15 10:01 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 10:01 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 10:01 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 10:01 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 10:01 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 10:01 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 10:01 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 10:01 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 10:01 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-10 22:39 - 2014-01-10 22:39 - 01190494 _____ () C:\Users\andy\Downloads\EG_Korrelation_LV2011.vi 2014-01-10 22:38 - 2014-01-10 22:38 - 00662570 _____ () C:\Users\andy\Downloads\EG_Korrelation.vi 2014-01-06 15:13 - 2014-01-06 15:22 - 00009216 ____H () C:\Users\andy\Desktop\Blatt 6 Aufgabe 4.v11.suo ==================== One Month Modified Files and Folders ======= 2014-02-03 22:54 - 2014-02-03 21:20 - 00026809 _____ () C:\Users\andy\Downloads\FRST.txt 2014-02-03 22:54 - 2014-02-03 21:20 - 00000000 ____D () C:\FRST 2014-02-03 22:53 - 2014-02-03 22:53 - 02080256 _____ (Farbar) C:\Users\andy\Downloads\FRST64(1).exe 2014-02-03 22:50 - 2014-02-03 22:50 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-03 22:50 - 2014-02-03 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-03 22:50 - 2013-12-26 12:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-03 22:50 - 2012-10-19 14:09 - 00000000 ____D () C:\Users\andy\AppData\Roaming\Mozilla 2014-02-03 22:21 - 2012-03-26 08:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-03 21:48 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-03 21:48 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-03 21:44 - 2013-11-22 14:43 - 00000544 _____ () 
C:\Windows\Tasks\MATLAB R2013b Startup Accelerator.job 2014-02-03 21:42 - 2014-02-03 21:42 - 00001163 _____ () C:\Users\andy\Desktop\AdwCleaner[S2].txt 2014-02-03 21:42 - 2012-10-21 11:05 - 00000000 ___RD () C:\Users\andy\Dropbox 2014-02-03 21:42 - 2012-10-21 10:40 - 00000000 ____D () C:\Users\andy\AppData\Roaming\Dropbox 2014-02-03 21:39 - 2014-02-03 21:39 - 00000056 _____ () C:\Windows\setupact.log 2014-02-03 21:39 - 2014-02-03 21:39 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-03 21:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-03 21:38 - 2014-02-03 21:38 - 00001010 _____ () C:\Windows\PFRO.log 2014-02-03 21:37 - 2014-02-03 21:37 - 00001099 _____ () C:\Users\andy\Desktop\AdwCleaner[R2].txt 2014-02-03 21:37 - 2013-10-02 16:37 - 00000000 ____D () C:\AdwCleaner 2014-02-03 21:37 - 2012-05-15 09:06 - 01737228 _____ () C:\Windows\WindowsUpdate.log 2014-02-03 21:35 - 2014-02-03 21:34 - 01166132 _____ () C:\Users\andy\Downloads\adwcleaner(2).exe 2014-02-03 21:25 - 2014-02-03 21:25 - 00380416 _____ () C:\Users\andy\Downloads\m671ix9f.exe 2014-02-03 21:25 - 2014-02-03 21:25 - 00380416 _____ () C:\Users\andy\Downloads\Gmer-19357(1).exe 2014-02-03 21:23 - 2014-02-03 21:23 - 00380416 _____ () C:\Users\andy\Downloads\Gmer-19357.exe 2014-02-03 21:22 - 2014-02-03 21:22 - 00068280 _____ () C:\Users\andy\Desktop\Addition.txt 2014-02-03 21:22 - 2014-02-03 21:22 - 00036531 _____ () C:\Users\andy\Desktop\FRST.txt 2014-02-03 21:22 - 2014-02-03 21:21 - 00068280 _____ () C:\Users\andy\Downloads\Addition.txt 2014-02-03 21:20 - 2014-02-03 21:20 - 02080256 _____ (Farbar) C:\Users\andy\Downloads\FRST64.exe 2014-02-03 21:19 - 2014-02-03 21:19 - 00000000 _____ () C:\Users\andy\defogger_reenable 2014-02-03 21:19 - 2014-02-03 21:18 - 00000470 _____ () C:\Users\andy\Downloads\defogger_disable.log 2014-02-03 21:19 - 2012-10-19 13:59 - 00000000 ____D () C:\Users\andy 2014-02-03 21:18 - 2014-02-03 21:18 - 00050477 _____ () C:\Users\andy\Downloads\Defogger.exe 
2014-02-03 21:18 - 2014-02-03 21:18 - 00000242 _____ () C:\Users\andy\Downloads\defogger_enable.log 2014-02-03 19:02 - 2014-02-03 19:02 - 00015438 _____ () C:\Users\andy\Desktop\bericht.txt 2014-02-03 15:48 - 2014-02-03 13:14 - 00000000 ____D () C:\Users\andy\Documents\Anti-Malware 2014-02-03 13:14 - 2014-02-03 13:11 - 239190624 _____ (Emsisoft GmbH ) C:\Users\andy\Downloads\EmsisoftAntiMalwareSetup.exe 2014-02-03 13:02 - 2014-02-03 13:02 - 00283096 _____ (Mozilla) C:\Users\andy\Downloads\Firefox Setup Stub 26.0.exe 2014-02-03 13:02 - 2014-02-03 13:02 - 00283096 _____ (Mozilla) C:\Users\andy\Desktop\Firefox Setup Stub 26.0.exe 2014-02-03 12:57 - 2012-10-19 14:02 - 00000000 ___RD () C:\Users\andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-03 12:51 - 2014-02-03 12:51 - 04721920 _____ (Piriform Ltd) C:\Users\andy\Downloads\ccsetup410.exe 2014-02-03 12:51 - 2012-10-19 14:30 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-03 12:51 - 2012-10-19 14:29 - 00000000 ____D () C:\Program Files\CCleaner 2014-02-02 02:10 - 2014-02-02 01:54 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-02 01:59 - 2014-02-02 01:54 - 00000000 ____D () C:\Users\andy\AppData\Local\Google 2014-02-02 01:54 - 2014-02-02 01:54 - 29393568 _____ (SUPERAntiSpyware) C:\Users\andy\Downloads\SUPERAntiSpyware.exe 2014-02-02 01:54 - 2014-02-02 01:54 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-02-02 01:40 - 2014-02-02 01:40 - 01166132 _____ () C:\Users\andy\Downloads\adwcleaner(1).exe 2014-02-02 01:09 - 2012-11-06 23:23 - 00000000 ____D () C:\Users\andy\Desktop\Studium 2014-02-01 21:57 - 2012-12-20 10:20 - 00000000 ____D () C:\Users\andy\.maplesoft 2014-01-21 23:18 - 2013-06-04 09:14 - 00000000 ____D () C:\Users\andy\Desktop\Büro 2014-01-18 17:11 - 2013-05-07 12:26 - 00000000 ____D () C:\Users\andy\Documents\Visual Studio 2012 2014-01-18 11:29 - 2012-12-27 16:47 - 00000876 _____ () C:\Windows\wininit.ini 2014-01-18 11:29 - 2012-10-21 10:40 - 
00000000 ____D () C:\Users\andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-17 20:34 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-01-16 09:13 - 2012-05-15 18:59 - 01247894 _____ () C:\Windows\system32\perfh007.dat 2014-01-16 09:13 - 2012-05-15 18:59 - 00325640 _____ () C:\Windows\system32\perfc007.dat 2014-01-16 09:13 - 2009-07-14 06:13 - 00006484 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-01-16 07:18 - 2009-07-14 05:45 - 00333016 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-10 22:39 - 2014-01-10 22:39 - 01190494 _____ () C:\Users\andy\Downloads\EG_Korrelation_LV2011.vi 2014-01-10 22:38 - 2014-01-10 22:38 - 00662570 _____ () C:\Users\andy\Downloads\EG_Korrelation.vi 2014-01-09 09:51 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-06 15:22 - 2014-01-06 15:13 - 00009216 ____H () C:\Users\andy\Desktop\Blatt 6 Aufgabe 4.v11.suo Some content of TEMP: ==================== C:\Users\andy\AppData\Local\Temp\avgnt.exe C:\Users\andy\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-01 14:31 ==================== End Of Log ============================ |
04.02.2014, 17:13 | #4 |
/// the machine /// TB instructor | page requests caused by adware? Still having problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
04.02.2014, 17:25 | #5 |
| page requests caused by adware? Unfortunately yes, various links still show up there, e.g.: service.cdn.videoplaza.tv ad.ad-srv.net... ad3.adfarm1.adition.com ad.de.doubleclick.net What exactly are these? They could surely be blocked with an ad blocker, but I would still like to know where this is suddenly coming from. Thanks in advance :-) |
05.02.2014, 12:25 | #6 |
/// the machine /// TB instructor | page requests caused by adware? In Firefox, even though it has been freshly installed? https://support.mozilla.org/de/kb/fi...einfach-loesen Reset Firefox completely, then install Adblock Edge as an add-on.
|
05.02.2014, 14:53 | #7 |
| page requests caused by adware? Yes, even though Firefox was reinstalled. I have now also had it reset via the Help menu, and it is still there. I have now installed Adblock Edge; the links are gone and the pages load considerably faster again. But now my question: what is the cause of this problem suddenly appearing? |
06.02.2014, 10:15 | #8 |
/// the machine /// TB instructor | page requests caused by adware? Everything that the ad blocker blocks is "legitimate advertising" and completely normal. Anything beyond that must be gone once you uninstall FF, keep no data, reinstall it and then reset it.
|
06.02.2014, 17:33 | #9 |
| page requests caused by adware? OK, so that means I should not be affected by any kind of malware? |
07.02.2014, 16:40 | #10 |
/// the machine /// TB instructor | page requests caused by adware? If you no longer see anything with the ad blocker, everything is fine. Follow-up scans: ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
|
07.02.2014, 20:51 | #11 |
| page requests caused by adware? Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=a8ab58a938f0434ba415d5f8b97f5752 # engine=16985 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-02-07 06:48:46 # local_time=2014-02-07 07:48:46 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 96 13370 257222216 6156 0 # compatibility_mode=5893 16776573 100 94 13331 143428776 0 0 # scanned=843 # found=0 # cleaned=0 # scan_time=392 ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=a8ab58a938f0434ba415d5f8b97f5752 # engine=16985 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-02-07 07:38:05 # local_time=2014-02-07 08:38:05 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 96 16329 257225175 9115 0 # compatibility_mode=5893 16776573 100 94 16290 143431735 0 0 # scanned=122927 # found=0 # cleaned=0 # scan_time=2637 Code:
ATTFilter Results of screen317's Security Check version 0.99.79 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Visual Studio Extensions for Windows Library for JavaScript JavaScript Tooling Java version out of Date! Adobe Flash Player 12.0.0.44 Flash Player out of Date! Adobe Reader 10.1.9 Adobe Reader out of Date! Mozilla Firefox (27.0) Mozilla Thunderbird (24.3.0) ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe Symantec Norton Online Backup NOBuAgent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014 Ran by andy (administrator) on ANDY-PC on 07-02-2014 20:48:27 Running from C:\Users\andy\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (National Instruments, Inc.) 
C:\Windows\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) C:\Windows\SysWOW64\nipalsm.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation) C:\Windows\SysWOW64\nipxism.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (Dropbox, Inc.) C:\Users\andy\AppData\Roaming\Dropbox\bin\Dropbox.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LManager.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) 
C:\Program Files\EgisTec IPS\EgisUpdate.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-01-20] () HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2012-05-15] (Broadcom Corporation) HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated) HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-06] () HKLM\...\Run: [EKAIO2StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe [3240448 2011-12-10] (Eastman Kodak Company) HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.) 
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-24] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [NI Update Service] - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [851592 2012-06-08] (National Instruments) HKLM-x32\...\Run: [niDevMon] - C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [110224 2012-02-03] (National Instruments Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-4006576180-2490065740-1952747537-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] () HKU\S-1-5-21-4006576180-2490065740-1952747537-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-4006576180-2490065740-1952747537-1001\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [846520 2010-06-21] () AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260928 
2012-03-21] (NVIDIA Corporation) Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\Users\andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\andy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0D987C07-9CC3-45DF-8262-FB82E80686E0} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {1E5F9C11-76A0-4BCC-B931-9197629C22B1} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {2BBCD450-8603-4F1C-9608-3E3902B2AAFB} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {6463CEFB-43DD-438C-98AA-4806768E1FCD} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {6499AE8E-6EEE-40FF-B5DB-B89CC8C406A9} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {CAC5F19A-DD92-4689-811C-C5A9105F5261} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=a413cd84-8e6f-49c6-af46-8cc1d7599673&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {F67320D0-AA36-41E4-9E96-C10561EE9E0A} URL = 
hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=73D3676C-D8EF-4233-AD89-89C3AD4C76B8&apn_sauid=E43A57EF-14D7-47E5-9F0F-C9695126B98C BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
Winsock: Catalog5 11 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320] (National Instruments Corporation) Winsock: Catalog5-x64 11 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26368] (National Instruments Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\andy\AppData\Roaming\Mozilla\Firefox\Profiles\fiqvxwa5.default-1391608153776 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program 
Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Edge - C:\Users\andy\AppData\Roaming\Mozilla\Firefox\Profiles\fiqvxwa5.default-1391608153776\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-02-05] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-24] (Avira Operations GmbH & Co. 
KG) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation) R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2011-05-06] (National Instruments, Inc.) R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [50328 2012-06-05] (National Instruments Corporation) R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [60568 2012-06-05] (National Instruments Corporation) R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [51360 2012-05-22] (National Instruments Corporation) R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [53960 2012-05-22] (National Instruments Corporation) S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [76488 2012-05-22] (National Instruments Corporation) R2 nidevldu; C:\Windows\SysWOW64\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation) R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [370328 2012-06-05] (National Instruments Corporation) S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation) R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-05-31] (National Instruments Corporation) R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [169192 2012-06-05] (National Instruments Corporation) R2 nipxirmu; C:\Windows\SysWOW64\nipxism.exe [18584 2012-03-14] (National Instruments Corporation) R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [53952 2012-05-22] (National Instruments 
08.02.2014, 15:05 | #12 |
/// the machine /// TB-Ausbilder | Page requests caused by adware? Update Java and Adobe Reader. Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
11.02.2014, 08:30 | #14 |
/// the machine /// TB-Ausbilder | Page requests caused by adware? As long as you only use it to empty the temp files, everything is OK. |
11.02.2014, 16:13 | #15 |
| Page requests caused by adware? OK, many thanks again, that settles the matter. |