Log analysis and evaluation: Win 7: Internet Explorer opens by itself in the background (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Win 7: Internet Explorer opens by itself in the background

Hello dear community, I have exactly the same problem as this user (http://www.trojaner-board.de/161493-...rbeseiten.html). I use Avast as my antivirus program, which has not complained so far. I also ran a scan there, but I can't find where the log file is. Like the user mentioned above, I also googled and have already made a few unsuccessful attempts myself. First I ran Malwarebytes over it and then the Adwarecleaner. The corresponding log files:

Avast: (this one somehow looks completely different from the one of the user I linked above).

Code:
avast! Antirootkit, version 1.0
Scan started: Freitag, 2. Januar 2015 09:40:30
Scan finished: Freitag, 2. Januar 2015 13:05:23
Hidden files found: 0
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0
---------- only log with detections Code:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/12/20 15:57:55 +0100</date>
<logfile>mbam-log-2014-12-20 (15-57-54).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2014.12.20.03</malware-database>
<rootkit-database>v2014.12.14.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>*****</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>349407</objects>
<time>810</time>
<processes>0</processes>
<modules>0</modules>
<keys>1</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>9</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34BE6615-ADA0-46D1-9457-ABE77C82B0AD}</path><vendor>PUP.Optional.Agent</vendor><action>success</action><hash>3dd6f66fb4c8df571168cb07639f59a7</hash></key>
<file><path>C:\Users\*****\AppData\Local\Temp\awh8F46.tmp</path><vendor>PUP.Optional.Amonetize</vendor><action>success</action><hash>62b16bfa8af272c4e9f704cae41d2dd3</hash></file>
<file><path>C:\Users\*****\AppData\Local\Temp\SciLorsGrooovesharkDownloader__3502_il2620.exe</path><vendor>PUP.Optional.Amonetize</vendor><action>success</action><hash>43d023425d1fd95d3b0cb0497f82817f</hash></file>
<file><path>C:\Users\*****\AppData\Local\Temp\~dlEF73\~dljyb\tmp\SupTab_v5.8.8.777_noblank.exe</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>c94afd683e3e1b1b29bfdd83d72935cb</hash></file>
<file><path>C:\Users\*****\AppData\Local\Temp\~dlEF73\~dljyb\tmp\wpm_v20.0.0.1277_.exe</path><vendor>PUP.Optional.WindowsProtectManger.A</vendor><action>success</action><hash>d34043227efe42f4d0a6caf6dd2455ab</hash></file>
<file><path>C:\Users\*****\Downloads\DTLite4491-0356.exe</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>9f749acbd5a7ed49473acdcf7095e11f</hash></file>
<file><path>C:\Users\*****\Downloads\SciLorsGrooovesharkDownloader__3502_il23518.exe</path><vendor>PUP.Optional.Amonetize</vendor><action>success</action><hash>b85b70f52b513afce23dc9fc46bbc23e</hash></file>
<file><path>C:\Users\*****\Downloads\SciLorsGrooovesharkDownloader__3502_il2620.exe</path><vendor>PUP.Optional.Amonetize</vendor><action>success</action><hash>70a36bfa99e3082e4cfb8871f809857b</hash></file>
<file><path>C:\Users\*****\Downloads\SoftonicDownloader_fuer_sid-meiers-simgolf.exe</path><vendor>PUP.Optional.Softonic.A</vendor><action>success</action><hash>fb18d78e403c6cca91a464da0ff25ba5</hash></file>
<file><path>C:\Users\*****\AppData\Local\20121\a13993.exe</path><vendor>PUP.Optional.Amonetize</vendor><action>success</action><hash>25ee92d35f1dcd6937a9448a9f62cc34</hash></file>
</items>
</mbam-log>
#1 AdwCleaner Logfile: Code:
# AdwCleaner v4.105 - Bericht erstellt am 20/12/2014 um 14:40:43
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : ***** - *****-PC
# Gestartet von : C:\Users\*****\Downloads\adwcleaner_4.105.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : WindowsMangerProtect
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Datei Gefunden : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dgcweobm.default\foxydeal.sqlite
Ordner Gefunden : C:\Program Files (x86)\SupTab
Ordner Gefunden : C:\ProgramData\apn
Ordner Gefunden : C:\ProgramData\WindowsMangerProtect
Ordner Gefunden : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Ordner Gefunden : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Ordner Gefunden : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dgcweobm.default\Extensions\faststartff@gmail.com
Ordner Gefunden : C:\Users\*****\AppData\Roaming\VOPackage
Ordner Gefunden : C:\Users\*****\AppData\Roaming\webssearches
***** [ Tasks ] *****
Task Gefunden : AmiUpdXp
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\Mozilla\Extends
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EAB5257A-1FB3-474C-9B42-231F52622E72}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c8730ca5-3f82-41cc-65e2-01b87600cd89}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gefunden : HKLM\SOFTWARE\webssearchesSoftware
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
-\\ Mozilla Firefox v34.0.5 (x86 de)
[dgcweobm.default] - Zeile gefunden : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[dgcweobm.default] - Zeile gefunden : user_pref("browser.search.selectedEngine", "webssearches");
[dgcweobm.default] - Zeile gefunden : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH");
[dgcweobm.default] - Zeile gefunden : user_pref("extensions.quick_start.enable_search1", false);
[dgcweobm.default] - Zeile gefunden : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v39.0.2171.95
[C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
[C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
*************************
AdwCleaner[R0].txt - [7347 octets] - [20/12/2014 14:40:43]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7407 octets] ##########
#2 AdwCleaner Logfile: Code:
# AdwCleaner v4.105 - Bericht erstellt am 20/12/2014 um 14:45:35
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : ***** - *****-PC
# Gestartet von : C:\Users\*****\Downloads\adwcleaner_4.105.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Program Files (x86)\mbot_de_361
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBestOffersToday
Ordner Gefunden : C:\Users\*****\AppData\Local\mbot_de_361
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\Tutorials
Schlüssel Gefunden : HKCU\Software\TutoTag
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKCU\Software\Tutorials
Schlüssel Gefunden : [x64] HKCU\Software\TutoTag
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mbot_de_361_is1
Schlüssel Gefunden : HKLM\SOFTWARE\MyBestOffersToday
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_de_361]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v34.0.5 (x86 de)
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R0].txt - [7539 octets] - [20/12/2014 14:40:43]
AdwCleaner[R1].txt - [1595 octets] - [20/12/2014 14:45:35]
AdwCleaner[S0].txt - [6003 octets] - [20/12/2014 14:41:53]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1715 octets] ##########
#3 AdwCleaner Logfile: Code:
# AdwCleaner v4.105 - Bericht erstellt am 21/12/2014 um 10:16:35
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : ***** - *****-PC
# Gestartet von : C:\Users\*****\Downloads\adwcleaner_4.105.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tabcrawler.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.tabcrawler.com
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v34.0.5 (x86 de)
-\\ Google Chrome v39.0.2171.95
[C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
[C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1419082497&from=cvs4&uid=ST31000528AS_5VP5CNXHXXXX5VP5CNXH&q={searchTerms}
*************************
AdwCleaner[R0].txt - [7539 octets] - [20/12/2014 14:40:43]
AdwCleaner[R1].txt - [1811 octets] - [20/12/2014 14:45:35]
AdwCleaner[R2].txt - [1742 octets] - [21/12/2014 10:16:35]
AdwCleaner[S0].txt - [6003 octets] - [20/12/2014 14:41:53]
AdwCleaner[S1].txt - [1770 octets] - [20/12/2014 14:47:15]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1922 octets] ##########
#4 AdwCleaner Logfile: Code:
# AdwCleaner v4.106 - Bericht erstellt am 26/12/2014 um 16:30:40
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-21.4 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : ***** - *****-PC
# Gestartet von : C:\Users\*****\Downloads\adwcleaner_4.106.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v34.0.5 (x86 de)
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R0].txt - [7539 octets] - [20/12/2014 14:40:43]
AdwCleaner[R1].txt - [1811 octets] - [20/12/2014 14:45:35]
AdwCleaner[R2].txt - [2010 octets] - [21/12/2014 10:16:35]
AdwCleaner[R3].txt - [860 octets] - [26/12/2014 16:30:40]
AdwCleaner[S0].txt - [6003 octets] - [20/12/2014 14:41:53]
AdwCleaner[S1].txt - [1770 octets] - [20/12/2014 14:47:15]
AdwCleaner[S2].txt - [2071 octets] - [21/12/2014 10:23:44]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1099 octets] ########## |