| |
| |||||||
Log-Analyse und Auswertung: Windows 8 / Firefox russische Po-ups behindern normales SurfenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
15.09.2015, 00:17
| #8 |
 |  Windows 8 / Firefox russische Po-ups behindern normales Surfen Hallo Schrauber, danke fuer die Hilfe und die vielen guten Tips. Bisher ist das Surfen zwar besser, es kommen aber immer noch Pop-ups und Pop-unders von russischen Servern, obwohl ich Ad-Block und Pop-up-Blocker als Add on aktiviert habe?! Mal sehen, wie sich das entwickelt. Hier ist das Logfile vom FRST Fixing: Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by Monica (2015-09-14 09:06:53) Run:1
Running from C:\Users\Monica\Desktop
Loaded Profiles: Monica (Available Profiles: Monica)
Boot Mode: Normal
==============================================
fixlist content:
*****************
C:\$Recycle.Bin
Task: {0F27EC7E-E8F1-4D6C-88D1-DBB19477BD39} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-11 -> No File <==== ATTENTION
Task: {190DC44D-8E22-45F9-A675-5D78CA06A748} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5_user -> No File <==== ATTENTION
Task: {5BACF658-2447-4EE9-BD6B-67A1EF12175A} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5 -> No File <==== ATTENTION
Task: {75412B3F-992A-4759-9CB7-64225A7FB2BD} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-1 -> No File <==== ATTENTION
Task: {9BD3C0E8-3784-4E29-BF6B-77845CB8110D} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-2 -> No File <==== ATTENTION
Task: {A304EFB4-FE0F-45F7-8AFD-B62CF6EDE5B6} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-3 -> No File <==== ATTENTION
Task: {C16458BF-446D-469A-83E4-AB0E7F682EF5} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-4 -> No File <==== ATTENTION
Tcpip\Parameters: [DhcpNameServer] 89.248.166.149 8.8.8.8
Tcpip\..\Interfaces\{BCA91B0F-7C70-41BA-A4FA-BAB10466C94F}: [DhcpNameServer] 89.248.166.149 8.8.8.8
2014-07-05 17:23 - 2014-07-05 17:23 - 0000266 _____ () C:\Users\Monica\AppData\Local\alwju.bat
2014-07-05 17:21 - 2014-07-05 17:21 - 0000266 _____ () C:\Users\Monica\AppData\Local\bncpb.bat
2014-07-05 17:18 - 2014-07-05 17:18 - 0000266 _____ () C:\Users\Monica\AppData\Local\ikuwyceg.bat
2014-07-05 17:25 - 2014-07-05 17:25 - 0000266 _____ () C:\Users\Monica\AppData\Local\isnpkup.bat
2014-07-05 17:31 - 2014-07-05 17:31 - 0000266 _____ () C:\Users\Monica\AppData\Local\lindinsi.bat
2014-07-05 17:27 - 2014-07-05 17:27 - 0000266 _____ () C:\Users\Monica\AppData\Local\timyfs.bat
2014-07-05 17:29 - 2014-07-05 17:29 - 0000266 _____ () C:\Users\Monica\AppData\Local\tyeljw.bat
Emptytemp:
*****************
C:\$Recycle.Bin => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F27EC7E-E8F1-4D6C-88D1-DBB19477BD39}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F27EC7E-E8F1-4D6C-88D1-DBB19477BD39}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-11 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{190DC44D-8E22-45F9-A675-5D78CA06A748}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{190DC44D-8E22-45F9-A675-5D78CA06A748}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5_user => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5BACF658-2447-4EE9-BD6B-67A1EF12175A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BACF658-2447-4EE9-BD6B-67A1EF12175A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75412B3F-992A-4759-9CB7-64225A7FB2BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75412B3F-992A-4759-9CB7-64225A7FB2BD}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-1 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BD3C0E8-3784-4E29-BF6B-77845CB8110D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BD3C0E8-3784-4E29-BF6B-77845CB8110D}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-2 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A304EFB4-FE0F-45F7-8AFD-B62CF6EDE5B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A304EFB4-FE0F-45F7-8AFD-B62CF6EDE5B6}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-3 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C16458BF-446D-469A-83E4-AB0E7F682EF5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C16458BF-446D-469A-83E4-AB0E7F682EF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-4 => key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BCA91B0F-7C70-41BA-A4FA-BAB10466C94F}\\DhcpNameServer => value removed successfully
C:\Users\Monica\AppData\Local\alwju.bat => moved successfully
C:\Users\Monica\AppData\Local\bncpb.bat => moved successfully
C:\Users\Monica\AppData\Local\ikuwyceg.bat => moved successfully
C:\Users\Monica\AppData\Local\isnpkup.bat => moved successfully
C:\Users\Monica\AppData\Local\lindinsi.bat => moved successfully
C:\Users\Monica\AppData\Local\timyfs.bat => moved successfully
C:\Users\Monica\AppData\Local\tyeljw.bat => moved successfully
EmptyTemp: => 2.8 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 09:08:26 ====
Gruss, Carsten |
| Themen zu Windows 8 / Firefox russische Po-ups behindern normales Surfen |
| antispyware, avast, avg, browser, defender, device driver, dnsapi.dll, explorer, firefox, flash player, homepage, installation, launch, mozilla, realtek, rundll, security, services.exe, siteadvisor, software, svchost.exe, symantec, system, tastatur, temp, udp, webadvisor, windows, windowsapps, wlan |
Baum-Darstellung