Log analysis and evaluation: Opening of two ad pages while browsing

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Opening of two ad pages while browsing

Hello Trojaner-Board,

since 08.01.2015 I have had the problem that, while browsing, the same ad tab opens twice at varying times. I was looking for a reaction/concentration test and unfortunately found nothing useful. I use GData, and it also blocked 2 websites for me during the search. In addition, an infection was reported to me. I had GData delete it, but the problem described is still there. At the weekend I installed Malwarebytes, which also found something. Here too I let the program remove the pest. Since I do not know whether more has landed on my computer. The ads are only half as annoying since I disabled images/pop-ups/JAVA etc. for the pages in Chrome.

Now I am hoping for your help and support.

The LOGS follow.

Frst.log unfortunately exceeds the limit, so it is attached as a zip.

addition.log
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Panter at 2015-01-13 12:53:48
Running from E:\
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Depression Quest (HKLM-x32\...\Steam App 270170) (Version: - The Quinnspiracy)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
Frontline Tactics (HKLM-x32\...\Steam App 218310) (Version: - Full Control / WIT Entertainment)
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.3 - G DATA Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Happy Wars (HKLM-x32\...\Steam App 246280) (Version: - Toylogic inc.)
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version: - MadMan Theory Games)
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Kaminfeuer Comprehensive Edition 1080 (HKLM-x32\...\ST5UNST #1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.8400.10177 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1519 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1519 - CyberLink Corp.) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6696 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes)
Sacred Citadel (HKLM-x32\...\Steam App 207930) (Version: - Southend)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2985608836-3262577671-630706704-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Expendabros (HKLM-x32\...\Steam App 312990) (Version: - Free Lives)
The Talos Principle Public Test (HKLM-x32\...\Steam App 330710) (Version: - Croteam)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Thief 2 (HKLM-x32\...\Steam App 211740) (Version: - Looking Glass Studios)
Thief Gold (HKLM-x32\...\Steam App 211600) (Version: - Looking Glass Studios)
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version: - Ion Storm)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version: - MachineGames)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

10-01-2015 21:56:51 Ende der Bereinigung

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3FE5F9E8-F152-41C4-824A-3BD23B8C1B65} - System32\Tasks\CCleanerSkipUAC => F:\Programme\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {B1D03BC1-BE24-4ABA-8D6B-FEED830C934B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {C08705A2-D873-48B3-8B57-09A63EA5515C} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {D5CEC877-E21B-412B-A2D3-314E07E7D918} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {DAAE3C1E-E103-4211-A116-D6C196880AD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Panter\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "UseAlternateShell"="1"

==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BTMTrayAgent"

========================= Accounts: ==========================

Administrator (S-1-5-21-2985608836-3262577671-630706704-500 - Administrator - Disabled)
Gast (S-1-5-21-2985608836-3262577671-630706704-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2985608836-3262577671-630706704-1005 - Limited - Enabled)
Panter (S-1-5-21-2985608836-3262577671-630706704-1001 - Administrator - Enabled) => C:\Users\Panter

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/13/2015 00:53:49 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (01/13/2015 00:53:49 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (01/13/2015 00:53:49 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (01/13/2015 00:53:49 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (01/13/2015 00:53:49 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/13/2015 00:53:40 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084AVKProxy-Service{9CC0C66E-A7B9-4611-8792-EE9833277273}

Error: (01/13/2015 00:53:35 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084AVKProxy-Service{9CC0C66E-A7B9-4611-8792-EE9833277273}

Error: (01/13/2015 00:53:29 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084AVKProxy-Service{9CC0C66E-A7B9-4611-8792-EE9833277273}

Error: (01/13/2015 00:53:24 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084AVKProxy-Service{9CC0C66E-A7B9-4611-8792-EE9833277273}

Error: (01/13/2015 00:53:19 PM) (Source: DCOM) (EventID: 10005) (User: PR3S)
Description: 1084AVKProxy-Service{9CC0C66E-A7B9-4611-8792-EE9833277273}

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-12-29 16:03:34.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-25 22:01:19.659
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-14 16:07:08.369
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-14 16:07:06.484
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 10:24:40.262
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-08 15:13:54.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-07 21:26:51.584
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-07 21:17:31.050
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-07 21:16:01.546
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 16%
Total physical RAM: 8139.28 MB
Available physical RAM: 6757.87 MB
Total Pagefile: 16331.28 MB
Available Pagefile: 15034.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.29 GB) (Free:74.1 GB) NTFS
Drive d: (Volume) (Fixed) (Total:441.87 GB) (Free:429.82 GB) NTFS
Drive e: () (Removable) (Total:14.89 GB) (Free:14.83 GB) FAT32
Drive f: (Data) (Fixed) (Total:428.2 GB) (Free:128.99 GB) NTFS
Drive g: () (Fixed) (Total:29.93 GB) (Free:29.91 GB) FAT32 ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: A66198D6)
Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E8457BFC)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)
Partition 2: (Active) - (Size=441.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=428.2 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1.5 GB) - (Type=12)

========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================

gmer.log
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-13 15:51:14
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 TS128GMSA370 rev.20140402 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Panter\AppData\Local\Temp\pxldapoc.sys

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [744:4000] fffff960009642d0
Thread C:\Windows\System32\SettingSyncHost.exe [5492:6364] 00007ff92640c3e0
Thread C:\Windows\System32\WWAHost.exe [5828:8604] 00007ff926f37d70
Thread C:\Windows\System32\WWAHost.exe [5828:4488] 00007ff930b312c0
Thread C:\Windows\System32\WWAHost.exe [5828:8560] 00007ff92edd1df0
Thread C:\Windows\System32\WWAHost.exe [5828:8872] 00007ff92ef871d0
Thread C:\Windows\System32\WWAHost.exe [5828:9172] 00007ff911ad3010
Thread C:\Windows\System32\WWAHost.exe [5828:8304] 00007ff911ad6230
Thread C:\Windows\System32\WWAHost.exe [5828:9152] 00007ff911c284e0
Thread C:\Windows\System32\WWAHost.exe [5828:5908] 00007ff911ad6230
Thread C:\Windows\System32\WWAHost.exe [5828:8932] 00007ff911ad6230
Thread C:\Windows\System32\WWAHost.exe [5828:268] 00007ff930a20b70
Thread C:\Windows\System32\WWAHost.exe [5828:8316] 00007ff930a20b70
Thread C:\Windows\System32\WWAHost.exe [5828:6592] 00007ff911ad6230
Thread C:\Windows\System32\WWAHost.exe [5828:7608] 00007ff9173fb590
Thread C:\Windows\System32\WWAHost.exe [5828:6932] 00007ff930b312c0
Thread C:\Windows\System32\WWAHost.exe [5828:6276] 00007ff930b312c0
Thread C:\Windows\System32\WWAHost.exe [5828:7916] 00007ff9173ef080
Thread C:\Windows\System32\WWAHost.exe [5828:3936] 00007ff92640c3e0

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

malwarebytes
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 10.01.2015
Suchlauf-Zeit: 20:39:21
Logdatei: malwareloge.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.10.15
Rootkit Datenbank: v2015.01.07.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Panter

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 349144
Verstrichene Zeit: 4 Min, 19 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Warnen

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
PUP.Optional.Babylon.A, C:\Users\Panter\Downloads\Unlocker1.9.2.exe, In Quarantäne, [e8dff9fc56335bdb7ecc22050100a858],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)

(end)

GData messages
Code:
Virenprüfung von Web-Inhalten
Adresse:
Virus: Win32.Adware.SoftPulse.N (Engine B)
Status: Der Zugriff wurde verweigert.

Virenprüfung von Web-Inhalten
Adresse:
Virus: Gen:Variant.Adware.Kazy.494185 (Engine A)
Status: Der Zugriff wurde verweigert.

Kind regards,
PanterP

PS: I hope I followed the posting instructions well.