Author Topic: Thema: avast Infektion blockiert, URL:Mal , nicht auffindbar, nicht löschbar  (Read 20237 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Hallo avast forum,

ich bekomme beim surfen seit ein paar Tagen  (Firefox) sehr oft, ca. 2-3 stündlich oder öfter, diese Meldung :

http://www.avast.com/de-de/lp-fr-virus-alert?p_ext=&utm_campaign=Virus_alert&utm_source=prg_fav_90_0&utm_medium=prg_systray&utm_content=.%2Ffa%2Fde-de%2Fvirus-alert-default&p_vir=VVJMOk1hbA&p_prc=C:\Program%20Files%20%28x86%29\Mozilla%20Firefox\firefox.exe&p_obj=aHR0cDovL3d3dy5maW5hbnppZWxsZXNpbnRlcmVzc2UuY29tLz9BPTQ2ODMmQj0yOTAmU3ViQWZmaWxpYXRlSUQ9MjA5MzQ4NTkmc2lkPTIwMTQwNzIwMTkwOTE4MjA4YzRkMDk3ZjQ5MjJmM2Ex&p_var=.%2Ffa%2Fde-de%2Fvirus-alert-default&p_elm=7&p_lex=189&p_lid=de-de&p_lng=de&p_lqa=0&p_lqe=0&p_lst=0&p_lsu=24&p_pro=0&p_bld=empty&p_vep=9&p_ves=0&p_vbd=2021&p_hid=4a2b0d7b-ad48-4a63-9839-3246d5c03f34&p_ram=4094&p_cpu=-1%2C0

Dies passiert bisher nur mit Firefox, habe auch Chrome und Internet Explorer, bisher keine Meldung von Avast über Infektion

System Win7 professional, System aktuell, alle Windows Updates installiert

Habe bisher versucht:

Vollständiger scan mit avast: kein Fund

Vollständiger scan mit Malwarebytes Antimalware: nur PuP, HackTool Agent, Hacktool CheatEngine (habe diverse gametrainers, jedoch nie Probleme, diese sind auch schon sehr lange auf meinem system)

ComboFix: kompletter Durchlauf,es wurde diverses gelöscht :

c:\users\Dietmar\AppData\Roaming\Microsoft\~DFK8a1ba.tmp
c:\users\Dietmar\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Dietmar\AppData\Roaming\Microsoft\bass.dll
c:\users\Dietmar\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Dietmar\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Dietmar\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Dietmar\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Dietmar\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Dietmar\AppData\Roaming\Microsoft\Windows\Recent\ReadMe.url

Nach reboot keine Besserung

Ich hoffe, ihr könnt mir helfen

MfG

Offline DJBone

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6366
Hallo und Willkommen im Forum! :)

Bitte folge dieser Anleitung und poste die Logs als Anhang: https://forum.avast.com/index.php?topic=102616.0
Ein Malware Experte wird dir dann weiterhelfen.

DJBone
Win10 x64, APS (always latest version)
Avast Mobile Security (always latest version)

REDACTED

  • Guest
aswmbr log
« Last Edit: July 20, 2014, 12:56:09 PM by joe-cool »

REDACTED

  • Guest
Anhang OTL log
« Last Edit: July 20, 2014, 12:56:38 PM by joe-cool »

REDACTED

  • Guest
Adwcleaner log

REDACTED

  • Guest
Malwarebytes Anti-Malware log , keine Aktion dürchgeführt, da alles nur gametrainer sind
« Last Edit: July 20, 2014, 01:01:42 PM by joe-cool »

REDACTED

  • Guest
ComboFix log, nach kompletter Durchführung und Löschung

Offline DJBone

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6366
essexboy wurde von mir informiert. Es kann aber noch etwas dauern bis er sich meldet...

DJBone
Win10 x64, APS (always latest version)
Avast Mobile Security (always latest version)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Thema: avast Infektion blockiert, URL:Mal
« Reply #8 on: July 20, 2014, 02:24:01 PM »
Hallo war das OTL-Log beschädigt, sodass ich Pete stattdessen verwenden wird. Könnten Sie bestätigen, dass dies Firefox nur


Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select  additions at the bottom
  • Press Scan button.

  • It will produce a log called FRST.txt in the same directory the tool is run from. 
  • Please attach both logs generated.

REDACTED

  • Guest
Re: Thema: avast Infektion blockiert, URL:Mal
« Reply #9 on: July 20, 2014, 03:34:03 PM »
Hallo war das OTL-Log beschädigt, sodass ich Pete stattdessen verwenden wird. Könnten Sie bestätigen, dass dies Firefox nur


Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select  additions at the bottom
  • Press Scan button.

  • It will produce a log called FRST.txt in the same directory the tool is run from. 
  • Please attach both logs generated.

Hello essexboy,

das OTL log sollte unbeschädigt gewesen sein, falls nötig, führe ich einen erneuten scan durch.
The OTG log should'nt be corrupted, if needed, I make a new OTG scan and will post the log.
And yes, till now, it only happens when using Firefox, my Standard Browser. At the moment I use Chrome, didin't happen yet. But I'm not 100% sure, I use Chrome less, mabye it will happen the same here.
Hier erstmal der FRST log
Here at first the FRST log
« Last Edit: July 20, 2014, 03:49:08 PM by joe-cool »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Thema: avast Infektion blockiert, URL:Mal
« Reply #10 on: July 20, 2014, 03:48:43 PM »
The OTL corruption is due to the forum software, nothing you have done

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote

CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:

 
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

REDACTED

  • Guest
To be sure, I've made 1st a new OTG scan, here  is the log
Um sicher zu serin, hier ist ein neuer log von OTG scan

REDACTED

  • Guest
Ich habe noch ein Addition.txt file entdeckt, gehört wohl zu FRST

REDACTED

  • Guest
Re: Thema: avast Infektion blockiert, URL:Mal
« Reply #13 on: July 20, 2014, 04:01:55 PM »
The OTL corruption is due to the forum software, nothing you have done

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote

CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q



CMD: RD /S /Q %TEMP%
REBOOT:

 
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Okay, let me do this, I'll post the logs then

Ich werde nun dies machen, und werde anschliessend die logs posten

REDACTED

  • Guest
Fixlog und AdwareCleaner logs

Das Problem besteht weiterhin

The problem still exist, it isn't fixed....