Log analysis and evaluation: Firefox opens new window, links to wrong websites, bluescreen, PC slow (Windows 7)

If you have picked up a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
/// Winkelfunktion /// TB-Süch-Tiger™

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!! Afterwards, getting an additional opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________
Please always post logfiles in CODE tags
#2

Hi Arne, phew, that took a while, here are the logfiles:
I don't have Super Spyware yet, it takes forever, is that necessary? I have little time over the next 2 days. Many thanks for the help. Oh, the bluescreen has not occurred so far, and the strange redirects to dubious sites have not shown up again either. What happens next? :-) Have a nice weekend, regards No suspicion.