Log analysis and evaluation: Sparkasse online banking "warten sie bis ihrer Computer identifiziert wird" ("wait until your computer is identified") - Trojan? Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Sparkasse online banking "warten sie bis ihrer Computer identifiziert wird" ("wait until your computer is identified") - Trojan?

Hello, this is my first post in your forum. I have read through the rules and tried to understand and follow everything... if anything is not right, please be lenient with me.

Now to my problem: Yesterday evening I wanted to log in to the Sparkasse online banking. The start page appeared quite normally, so I entered my login data. After that, a completely white browser window appeared with the notice "Bitte warten Sie, bis Ihrer Computer identifiziert wird" ("Please wait until your computer is identified").

Today I went to the Sparkasse to find out whether they had perhaps changed something in the system, but that does not seem to be the case. We blocked my online banking right away, and now I am turning to you for troubleshooting.

Here is the Malwarebytes log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 911122204

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

22.12.2011 19:15:36
mbam-log-2011-12-22 (19-15-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (B:\|C:\|)
Durchsuchte Objekte: 315512
Laufzeit: 37 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 9
Infizierte Dateien: 30

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facetheme (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files (x86)\Object (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\skin (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\program files (x86)\Object\bho_project.dll (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\status.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon.pem (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\config.ini (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme_uninstall.exe (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\status2.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\._included.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\background.html (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\included.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\manifest.json (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\build.sh (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\chrome.manifest (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\config_build.sh (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\files (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\install.rdf (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\readme.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\firefoxoverlay.xul (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\installid.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\overlay.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences\._sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences\sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.dtd (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.properties (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\skin\overlay.css (PUP.FCTPlugin) -> Quarantined and deleted successfully.

The OTL log files are attached as well. What other information do you need? Thanks in advance for your help.