Pests of all kinds and how to fight them: Website seems to have attacked my PC - "Windows blocked" (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
#5
Website seems to have attacked my PC - "Windows blocked"

And thanks again for your quick reply.

1.: The latest version is now installed.

2.: Done. Log:

Code:
```
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://isearch.avg.com/search?cid=%7Bac95d161-1181-4971-9946-ad60d97008a8%7D&mid=227c21ffd80947d198b59128c069f449-85fb50343b25871a829a4fce5c5a96f084ed2500&ds=tg028&v=8.0.0.34.1&lang=en&pr=sa&d=2011-09-23%2017%3A45%3A06&sap=ku&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\2ih1s6k6.default\searchplugins\askcom.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\2ih1s6k6.default\searchplugins\avg-secure-search.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
C:\Users\***\AppData\Roaming\Bitdefender\Desktop\Profiles\Logs folder moved successfully.
C:\Users\***\AppData\Roaming\Bitdefender\Desktop\Profiles\LGKC folder moved successfully.
C:\Users\***\AppData\Roaming\Bitdefender\Desktop\Profiles folder moved successfully.
C:\Users\***\AppData\Roaming\Bitdefender\Desktop folder moved successfully.
C:\Users\***\AppData\Roaming\Bitdefender folder moved successfully.
C:\ProgramData\Bitdefender\DTrace folder moved successfully.
C:\ProgramData\Bitdefender\Desktop\Temp\BDIDW folder moved successfully.
C:\ProgramData\Bitdefender\Desktop\Temp folder moved successfully.
C:\ProgramData\Bitdefender\Desktop\Quarantine folder moved successfully.
C:\ProgramData\Bitdefender\Desktop\Profiles\Logs folder moved successfully.
C:\ProgramData\Bitdefender\Desktop\Profiles\LGKC folder moved successfully.
C:\ProgramData\Bitdefender\Desktop\Profiles folder moved successfully.
C:\ProgramData\Bitdefender\Desktop\Events folder moved successfully.
C:\ProgramData\Bitdefender\Desktop folder moved successfully.
C:\ProgramData\Bitdefender\Avc\Feedback folder moved successfully.
C:\ProgramData\Bitdefender\Avc folder moved successfully.
C:\ProgramData\Bitdefender folder moved successfully.
C:\Users\***\AppData\Roaming\pdfforge\Images2PDF folder moved successfully.
C:\Users\***\AppData\Roaming\pdfforge folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: ***
->Temp folder emptied: 408316490 bytes
->Temporary Internet Files folder emptied: 436855364 bytes
->Java cache emptied: 6823862 bytes
->FireFox cache emptied: 88655731 bytes
->Google Chrome cache emptied: 20548909 bytes
->Apple Safari cache emptied: 13009920 bytes
->Opera cache emptied: 1608269 bytes
->Flash cache emptied: 2945645 bytes

User: _ocster_backup_
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 204554381 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 2553516725 bytes

Total Files Cleaned = 3.564,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01072012_152717

Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\***\AppData\Local\Temp\WERAE58.tmp.resp.erc.xml moved successfully.
File\Folder C:\Users\***\AppData\Local\Temp\WERAE59.tmp.resp not found!

Registry entries deleted on Reboot...
```

4.: Found a few tracking cookies, nothing more.

Code:
```
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/07/2012 at 05:00 PM

Application Version : 5.0.1142

Core Rules Database Version : 8112
Trace Rules Database Version: 5924

Scan type : Complete Scan
Total Scan Time : 01:19:19

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 754
Memory threats detected : 0
Registry items scanned : 72498
Registry threats detected : 0
File items scanned : 139691
File threats detected : 40

Adware.Tracking Cookie
.eaeacom.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
www.counter-go.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.microsoftwllivemkt.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
stats.computecmedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
stats.computecmedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
www.blogcounter.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
.oracle.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2IH1S6K6.DEFAULT\COOKIES.SQLITE ]
```

6.: Done, but it did not create a log? In any case, it apparently found and deleted an adware file.

-----------

So what is the state of my computer? Can I really be sure that all malware has been 100% removed and will do no further harm? Or is the only way to clean my PC 100% a fresh Windows installation with a complete format of the hard drive? I hope you can answer these questions reliably.

Kind regards